ChrisFiasco Posted March 2, 2014 ID:798252 Share Posted March 2, 2014 Hello when I go to task manager I see a lot of iexplorer.exe and explorer.exe running. Also when I restart my pc I get ituneshelper.dll has failed to load pop up. I've tried scanning with multiple different programs including Malwarebytes, all have failed. Thanks for reading. Link to post Share on other sites More sharing options...
B-boy/StyLe/ Posted March 2, 2014 ID:798304 Share Posted March 2, 2014 Hello! Welcome to Malwarebytes Forums! My name is Georgi and and I will be helping you with your computer problems.Before we begin, please note the following:I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.The logs can take some time to research, so please be patient with me.Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.Instructions that I give are for your system only!Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received. If you can't understand something don't hesitate to ask.Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions. STEP 1 Please download Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. STEP 2 Please download the newest version of Malwarebytes' Anti-Malware and install it.Please start the application by double-click on it's icon.Once the program has loaded go to the UPDATE tab and check for updates.When the update is complete, select the Scanner tabSelect Perform quick scan, then click Scan.When the scan is complete, click OK, then Show Results to view the results.Be sure that everything is checked, and click Remove Selected.When completed, a log will open in Notepad.Please save it to a convenient location and post the results in your next reply. Regards,Georgi Link to post Share on other sites More sharing options...
ChrisFiasco Posted March 2, 2014 Author ID:798499 Share Posted March 2, 2014 Thank you so much for responding, I really Appreciate the help. Fortunately, after searching the web for a while I finally solved both of those problems. Right now my only problem is that I have multiple explorer.exe running in task manager. Would you be able to help me with that? Link to post Share on other sites More sharing options...
ChrisFiasco Posted March 2, 2014 Author ID:798515 Share Posted March 2, 2014 Just to be safe, I scanned with both the programs you listed. This is the Farbar Recovery Log: fScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 02Ran by Chris (administrator) on CHRIS-PC on 02-03-2014 14:57:45Running from C:\Users\Chris\Desktop\CleanWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe() C:\Windows\SysWOW64\PnkBstrA.exe(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(Akamai Technologies, Inc.) C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Akamai Technologies, Inc.) C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe(Microsoft Corporation) C:\Windows\system32\taskmgr.exe(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)HKU\S-1-5-21-662125380-580819888-2351019072-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKCU - {BCD08415-5D90-42D4-9D51-B75CB3A3A5F8} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzuzyyE0D0EzztD0C0EyCyC0FyDtAtCtAtCtN0D0Tzu0SyBtCyEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=443045279&ir=BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox:========FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.defaultFF NewTab: about:blankFF Homepage: https://www.youtube.comFF Keyword.URL: user_pref("keyword.URL", "");FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()FF Plugin ProgramFiles/Appdata: C:\Users\Chris\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)FF Extension: ClipConverter Desktop - C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\desktop@clipconverter.cc.xpi [2014-02-11]FF Extension: User Pinned - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\Extensions\{1F3015A6-75BF-4D05-CE58-E58B646B512F} [2014-02-28]FF Extension: Adblock Edge - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013-11-16] Chrome: =======CHR HomePage: https://www.google.com/CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-12]CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-12]CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-12]CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-12]CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-12]CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-12] ==================== Services (Whitelisted) ================= R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-02-10] (Ellora Assets Corp.)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-01-05] ()S3 RoxMediaDBGame1X; C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [1095824 2012-08-02] (Corel Corporation)R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.) ==================== Drivers (Whitelisted) ==================== S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)R3 H5xUSB; C:\Windows\System32\Drivers\uth5x64.sys [101632 2012-08-02] (UT)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-07-10] (Corel Corporation)R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [231112 2013-01-02] (VIA Technologies, Inc.)R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-02] (VIA Technologies, Inc.)U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-02 14:49 - 2014-03-02 14:57 - 00000000 ____D () C:\FRST2014-03-02 14:45 - 2014-03-02 14:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Chris\Downloads\mbam-setup-1.75.0.1300(1).exe2014-03-02 00:08 - 2014-03-02 00:18 - 00000355 _____ () C:\Users\Chris\Desktop\Computer - Shortcut.lnk2014-03-01 23:31 - 2014-03-01 23:31 - 00014152 _____ () C:\ComboFix.txt2014-03-01 23:20 - 2014-03-01 23:20 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Chris\Downloads\rkill.exe2014-03-01 23:19 - 2014-03-01 23:19 - 05185084 ____R (Swearware) C:\Users\Chris\Downloads\ComboFix.exe2014-03-01 21:57 - 2014-03-01 23:31 - 00000000 ____D () C:\Qoobox2014-03-01 21:57 - 2014-03-01 23:29 - 00000000 ____D () C:\Windows\erdnt2014-03-01 21:57 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe2014-03-01 21:57 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe2014-03-01 21:57 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2014-03-01 21:57 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2014-03-01 21:57 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2014-03-01 21:57 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe2014-03-01 21:57 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe2014-03-01 21:57 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe2014-03-01 20:05 - 2014-03-01 20:05 - 00000017 _____ () C:\Users\Chris\AppData\Local\resmon.resmoncfg2014-03-01 19:55 - 2014-03-02 14:57 - 00000000 ____D () C:\Users\Chris\Desktop\Clean2014-03-01 19:48 - 2014-03-01 23:33 - 00002324 _____ () C:\Windows\PFRO.log2014-03-01 19:32 - 2014-03-02 14:38 - 00000672 _____ () C:\Windows\setupact.log2014-03-01 19:32 - 2014-03-01 19:32 - 00000000 _____ () C:\Windows\setuperr.log2014-03-01 19:29 - 2014-03-02 03:32 - 00000000 ____D () C:\AdwCleaner2014-03-01 19:08 - 2014-03-01 19:20 - 00000000 ____D () C:\Program Files (x86)\PCFixKit2014-03-01 19:08 - 2014-03-01 19:08 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\PCFixKit2014-03-01 19:03 - 2014-03-01 19:03 - 00000000 ____D () C:\Program Files\Enigma Software Group2014-03-01 19:03 - 2014-03-01 19:03 - 00000000 _____ () C:\autoexec.bat2014-03-01 19:02 - 2014-03-01 19:17 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP2014-03-01 18:36 - 2014-03-01 18:46 - 00000000 ____D () C:\Users\Chris\Desktop\Shell Extension2014-02-28 07:35 - 2014-02-28 07:35 - 00000000 ____D () C:\ProgramData\Package Cache2014-02-28 07:34 - 2014-02-28 07:34 - 00000000 ____D () C:\Program Files (x86)\Seagate2014-02-28 02:52 - 2014-02-28 02:54 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit2014-02-28 02:52 - 2014-02-28 02:52 - 00000000 ____D () C:\Users\Chris\AppData\Local\DriverToolkit2014-02-27 02:29 - 2014-02-27 03:36 - 00000000 ____D () C:\Users\Chris\Desktop\yep2014-02-23 23:22 - 2014-02-24 00:10 - 00000000 ____D () C:\Users\Chris\Desktop\3DTotal Total Textures 1-162014-02-18 13:23 - 2014-02-18 13:23 - 00001339 _____ () C:\Users\Public\Desktop\Freemake Video Downloader.lnk2014-02-16 13:00 - 2014-02-16 13:00 - 00000000 ____D () C:\Users\Chris\Documents\Respawn2014-02-16 10:47 - 2014-02-16 11:40 - 00000000 ____D () C:\Users\Chris\AppData\Local\headus2014-02-16 10:47 - 2014-02-16 10:47 - 00001178 _____ () C:\Users\Chris\Desktop\uvlayout - Shortcut.lnk2014-02-15 01:20 - 2014-02-15 01:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-02-12 18:54 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-02-12 18:54 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-02-12 18:53 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-02-12 18:53 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-02-12 18:53 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-02-12 18:53 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-02-12 18:53 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-02-12 18:53 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-02-12 18:53 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-02-12 18:53 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-02-12 18:53 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-02-12 18:53 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-02-12 18:53 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-02-12 18:53 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-02-12 18:53 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-02-12 18:53 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-02-12 18:53 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-02-12 18:53 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-02-12 18:53 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-02-12 18:53 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-02-12 18:53 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-02-12 18:53 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-02-12 18:53 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-02-12 18:53 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-02-12 18:53 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-02-12 18:53 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-02-12 18:53 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-02-12 18:53 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-02-12 18:53 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-02-12 18:53 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-02-12 18:53 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-02-12 18:53 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-02-12 18:53 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-02-12 18:53 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-02-12 18:53 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-02-12 18:53 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-02-12 18:53 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-02-12 18:53 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-02-12 18:53 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-02-12 18:53 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-02-12 18:53 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-02-12 14:03 - 2014-02-12 14:03 - 03859681 _____ () C:\Users\Chris\Downloads\Akuma main menu background by augh.7z2014-02-12 11:17 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls2014-02-12 11:17 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls2014-02-12 11:17 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2014-02-12 11:17 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2014-02-12 11:17 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-02-12 11:17 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-02-12 11:17 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-02-12 11:17 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-02-12 11:17 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll2014-02-12 11:17 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll2014-02-12 11:17 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll2014-02-12 11:17 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll2014-02-12 11:17 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll2014-02-12 11:17 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe2014-02-12 11:17 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe2014-02-12 11:17 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe2014-02-12 11:17 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe2014-02-12 11:17 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll2014-02-12 11:17 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll2014-02-12 11:17 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll2014-02-12 11:17 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll2014-02-12 11:17 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll2014-02-12 11:17 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe2014-02-12 11:17 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe2014-02-12 11:17 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe2014-02-12 11:17 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe2014-02-12 11:17 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll2014-02-12 11:17 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll2014-02-11 18:58 - 2014-02-18 01:22 - 00000000 ____D () C:\Users\Chris\ClipConverter2014-02-11 18:58 - 2014-02-11 18:58 - 00001151 _____ () C:\Users\Chris\Desktop\ClipConverter.lnk2014-02-11 18:58 - 2014-02-11 18:58 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClipConverter2014-02-11 18:57 - 2014-02-11 18:58 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Lunaweb2014-02-11 18:46 - 2014-02-11 18:57 - 23590915 _____ (Lunaweb) C:\Users\Chris\Downloads\setup_110.exe2014-02-08 14:55 - 2014-02-08 14:55 - 01077248 _____ () C:\Users\Chris\Downloads\WmpSub.msi2014-02-01 21:32 - 2014-02-01 21:32 - 00001003 _____ () C:\Users\Chris\Desktop\GameSpy Arcade.lnk2014-02-01 21:30 - 2014-02-01 21:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games ==================== One Month Modified Files and Folders ======= 2014-03-02 14:57 - 2014-03-02 14:49 - 00000000 ____D () C:\FRST2014-03-02 14:57 - 2014-03-01 19:55 - 00000000 ____D () C:\Users\Chris\Desktop\Clean2014-03-02 14:57 - 2013-11-16 15:02 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Skype2014-03-02 14:47 - 2014-01-18 14:40 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-03-02 14:47 - 2014-01-18 14:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-03-02 14:46 - 2014-03-02 14:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Chris\Downloads\mbam-setup-1.75.0.1300(1).exe2014-03-02 14:45 - 2009-07-13 23:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-03-02 14:45 - 2009-07-13 23:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-03-02 14:42 - 2013-11-07 14:32 - 01917669 _____ () C:\Windows\WindowsUpdate.log2014-03-02 14:38 - 2014-03-01 19:32 - 00000672 _____ () C:\Windows\setupact.log2014-03-02 14:38 - 2013-12-12 01:48 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-03-02 14:38 - 2013-11-07 14:34 - 00000000 ____D () C:\ProgramData\NVIDIA2014-03-02 14:38 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-03-02 03:32 - 2014-03-01 19:29 - 00000000 ____D () C:\AdwCleaner2014-03-02 03:32 - 2014-01-30 14:21 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000UA.job2014-03-02 03:30 - 2013-11-16 15:36 - 00000000 ____D () C:\Users\Chris\AppData\Local\Adobe2014-03-02 03:14 - 2013-11-16 15:37 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-03-02 03:06 - 2013-12-12 01:48 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-03-02 02:59 - 2013-11-16 17:07 - 00000388 _____ () C:\Windows\Tasks\update-sys.job2014-03-02 02:10 - 2013-11-19 16:48 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps2014-03-02 01:02 - 2013-11-16 17:07 - 00000388 _____ () C:\Windows\Tasks\update-S-1-5-21-662125380-580819888-2351019072-1000.job2014-03-02 00:18 - 2014-03-02 00:08 - 00000355 _____ () C:\Users\Chris\Desktop\Computer - Shortcut.lnk2014-03-01 23:56 - 2013-11-16 17:02 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\uTorrent2014-03-01 23:33 - 2014-03-01 19:48 - 00002324 _____ () C:\Windows\PFRO.log2014-03-01 23:31 - 2014-03-01 23:31 - 00014152 _____ () C:\ComboFix.txt2014-03-01 23:31 - 2014-03-01 21:57 - 00000000 ____D () C:\Qoobox2014-03-01 23:29 - 2014-03-01 21:57 - 00000000 ____D () C:\Windows\erdnt2014-03-01 23:29 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini2014-03-01 23:20 - 2014-03-01 23:20 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Chris\Downloads\rkill.exe2014-03-01 23:19 - 2014-03-01 23:19 - 05185084 ____R (Swearware) C:\Users\Chris\Downloads\ComboFix.exe2014-03-01 22:05 - 2013-11-16 15:37 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Adobe2014-03-01 22:05 - 2013-11-16 14:40 - 00000000 ___RD () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-03-01 22:05 - 2009-07-13 21:34 - 89653248 _____ () C:\Windows\system32\config\SOFTWARE.bak2014-03-01 22:05 - 2009-07-13 21:34 - 21757952 _____ () C:\Windows\system32\config\SYSTEM.bak2014-03-01 22:05 - 2009-07-13 21:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak2014-03-01 22:05 - 2009-07-13 21:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak2014-03-01 22:05 - 2009-07-13 21:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak2014-03-01 20:05 - 2014-03-01 20:05 - 00000017 _____ () C:\Users\Chris\AppData\Local\resmon.resmoncfg2014-03-01 19:44 - 2013-11-19 15:58 - 00000000 ____D () C:\Users\Chris\Desktop\TO2014-03-01 19:32 - 2014-03-01 19:32 - 00000000 _____ () C:\Windows\setuperr.log2014-03-01 19:20 - 2014-03-01 19:08 - 00000000 ____D () C:\Program Files (x86)\PCFixKit2014-03-01 19:17 - 2014-03-01 19:02 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP2014-03-01 19:08 - 2014-03-01 19:08 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\PCFixKit2014-03-01 19:03 - 2014-03-01 19:03 - 00000000 ____D () C:\Program Files\Enigma Software Group2014-03-01 19:03 - 2014-03-01 19:03 - 00000000 _____ () C:\autoexec.bat2014-03-01 18:59 - 2013-11-17 03:00 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Sony2014-03-01 18:59 - 2013-11-16 22:36 - 00000000 ____D () C:\Program Files (x86)\Steam2014-03-01 18:58 - 2014-01-18 08:20 - 00000000 ____D () C:\Windows\Minidump2014-03-01 18:46 - 2014-03-01 18:36 - 00000000 ____D () C:\Users\Chris\Desktop\Shell Extension2014-03-01 16:27 - 2013-11-16 22:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games2014-02-28 22:21 - 2014-01-21 13:09 - 00000000 ____D () C:\Users\Chris\Desktop\Team Production2014-02-28 22:17 - 2013-12-04 14:24 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT2014-02-28 07:35 - 2014-02-28 07:35 - 00000000 ____D () C:\ProgramData\Package Cache2014-02-28 07:34 - 2014-02-28 07:34 - 00000000 ____D () C:\Program Files (x86)\Seagate2014-02-28 03:30 - 2014-01-18 07:00 - 00000000 ____D () C:\Users\Chris\Desktop\Adv Prototype2014-02-28 02:54 - 2014-02-28 02:52 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit2014-02-28 02:52 - 2014-02-28 02:52 - 00000000 ____D () C:\Users\Chris\AppData\Local\DriverToolkit2014-02-28 02:37 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI2014-02-27 10:32 - 2014-01-30 14:21 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000Core.job2014-02-27 03:36 - 2014-02-27 02:29 - 00000000 ____D () C:\Users\Chris\Desktop\yep2014-02-26 19:35 - 2013-11-16 15:07 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Mozilla2014-02-25 18:24 - 2013-12-06 23:27 - 00000132 _____ () C:\Users\Chris\AppData\Roaming\Adobe Targa Format CS6 Prefs2014-02-25 15:22 - 2013-11-16 16:28 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI2014-02-24 18:46 - 2013-11-22 14:18 - 00000000 ____D () C:\Users\Chris\AppData\Local\Mirillis2014-02-24 00:10 - 2014-02-23 23:22 - 00000000 ____D () C:\Users\Chris\Desktop\3DTotal Total Textures 1-162014-02-21 17:08 - 2013-12-12 01:49 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-02-21 01:00 - 2014-01-22 17:10 - 00000000 ____D () C:\Users\Chris\Desktop\UDK2014-02-20 15:14 - 2013-11-16 15:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-02-20 15:14 - 2013-11-16 15:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-02-20 15:14 - 2013-11-16 15:37 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-02-18 15:12 - 2013-11-16 22:44 - 00000000 ____D () C:\ProgramData\Origin2014-02-18 15:12 - 2013-11-16 22:44 - 00000000 ____D () C:\Program Files (x86)\Origin2014-02-18 13:28 - 2013-11-22 16:12 - 00000000 ____D () C:\ProgramData\Freemake2014-02-18 13:23 - 2014-02-18 13:23 - 00001339 _____ () C:\Users\Public\Desktop\Freemake Video Downloader.lnk2014-02-18 13:23 - 2013-11-22 16:12 - 00000000 ____D () C:\Program Files (x86)\Freemake2014-02-18 01:22 - 2014-02-11 18:58 - 00000000 ____D () C:\Users\Chris\ClipConverter2014-02-17 14:30 - 2013-12-08 08:11 - 00000000 ____D () C:\Users\Chris\Desktop\UVLayout v2 Professional2014-02-16 13:00 - 2014-02-16 13:00 - 00000000 ____D () C:\Users\Chris\Documents\Respawn2014-02-16 13:00 - 2013-11-21 13:18 - 00000000 ____D () C:\Users\Chris\Desktop\Games2014-02-16 11:40 - 2014-02-16 10:47 - 00000000 ____D () C:\Users\Chris\AppData\Local\headus2014-02-16 10:47 - 2014-02-16 10:47 - 00001178 _____ () C:\Users\Chris\Desktop\uvlayout - Shortcut.lnk2014-02-16 10:27 - 2014-01-30 14:21 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000UA2014-02-16 10:27 - 2014-01-30 14:21 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000Core2014-02-15 15:20 - 2014-01-26 16:41 - 00000000 ____D () C:\Program Files (x86)\Convert Audio Free2014-02-15 12:06 - 2013-11-16 15:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-02-15 03:01 - 2013-11-29 16:04 - 00000000 ____D () C:\Windows\system32\MRT2014-02-15 03:00 - 2013-11-29 16:04 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-02-15 01:33 - 2013-12-15 21:15 - 00000000 ____D () C:\Users\Chris\Desktop\SMUG2014-02-15 01:20 - 2014-02-15 01:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-02-13 12:01 - 2013-12-12 01:48 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-02-13 12:01 - 2013-12-12 01:48 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-02-12 15:24 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF2014-02-12 14:43 - 2014-01-01 23:32 - 00000000 ____D () C:\Users\Chris\Desktop\AE Mods2014-02-12 14:03 - 2014-02-12 14:03 - 03859681 _____ () C:\Users\Chris\Downloads\Akuma main menu background by augh.7z2014-02-11 22:15 - 2013-12-03 17:12 - 00000132 _____ () C:\Users\Chris\AppData\Roaming\Adobe PNG Format CS6 Prefs2014-02-11 18:58 - 2014-02-11 18:58 - 00001151 _____ () C:\Users\Chris\Desktop\ClipConverter.lnk2014-02-11 18:58 - 2014-02-11 18:58 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClipConverter2014-02-11 18:58 - 2014-02-11 18:57 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Lunaweb2014-02-11 18:58 - 2013-11-16 14:40 - 00000000 ____D () C:\Users\Chris2014-02-11 18:57 - 2014-02-11 18:46 - 23590915 _____ (Lunaweb) C:\Users\Chris\Downloads\setup_110.exe2014-02-09 18:38 - 2014-01-29 17:37 - 00000000 ____D () C:\Users\Chris\Desktop\F.E.A.R2014-02-08 20:59 - 2014-01-19 13:34 - 00000000 ____D () C:\Users\Chris\Documents\3D-CoatV42014-02-08 17:52 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries2014-02-08 14:55 - 2014-02-08 14:55 - 01077248 _____ () C:\Users\Chris\Downloads\WmpSub.msi2014-02-06 07:16 - 2014-02-12 18:53 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-02-06 06:30 - 2014-02-12 18:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-02-06 06:30 - 2014-02-12 18:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-02-06 06:12 - 2014-02-12 18:53 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-02-06 06:07 - 2014-02-12 18:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-02-06 06:06 - 2014-02-12 18:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-02-06 05:57 - 2014-02-12 18:53 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-02-06 05:56 - 2014-02-12 18:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-02-06 05:52 - 2014-02-12 18:53 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-02-06 05:49 - 2014-02-12 18:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-02-06 05:48 - 2014-02-12 18:53 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-02-06 05:48 - 2014-02-12 18:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-02-06 05:38 - 2014-02-12 18:53 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-02-06 05:32 - 2014-02-12 18:53 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-02-06 05:20 - 2014-02-12 18:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-02-06 05:17 - 2014-02-12 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-02-06 05:11 - 2014-02-12 18:53 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-02-06 05:01 - 2014-02-12 18:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-02-06 05:00 - 2014-02-12 18:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-02-06 04:57 - 2014-02-12 18:53 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-02-06 04:57 - 2014-02-12 18:53 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-02-06 04:52 - 2014-02-12 18:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-02-06 04:52 - 2014-02-12 18:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-02-06 04:50 - 2014-02-12 18:53 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-02-06 04:49 - 2014-02-12 18:53 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-02-06 04:47 - 2014-02-12 18:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-02-06 04:46 - 2014-02-12 18:53 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-02-06 04:25 - 2014-02-12 18:53 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-02-06 04:25 - 2014-02-12 18:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-02-06 04:24 - 2014-02-12 18:53 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-02-06 04:22 - 2014-02-12 18:53 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-02-06 04:13 - 2014-02-12 18:53 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-02-06 04:09 - 2014-02-12 18:53 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-02-06 04:03 - 2014-02-12 18:53 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-02-06 03:55 - 2014-02-12 18:53 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-02-06 03:41 - 2014-02-12 18:53 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-02-06 03:40 - 2014-02-12 18:53 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-02-06 03:36 - 2014-02-12 18:53 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-02-06 03:34 - 2014-02-12 18:53 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-02-05 16:04 - 2014-01-19 13:36 - 00000000 ____D () C:\Users\Chris\Desktop\Character2014-02-01 21:32 - 2014-02-01 21:32 - 00001003 _____ () C:\Users\Chris\Desktop\GameSpy Arcade.lnk2014-02-01 21:32 - 2014-01-29 17:12 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2014-02-01 21:32 - 2014-01-29 17:11 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade2014-02-01 21:32 - 2014-01-29 17:10 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade2014-02-01 21:32 - 2013-11-16 18:04 - 00000000 ____D () C:\Users\Chris\Documents\My Games2014-02-01 21:30 - 2014-02-01 21:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games Files to move or delete:====================C:\Users\Chris\jagex_cl_runescape_LIVE.datC:\Users\Chris\random.dat Some content of TEMP:====================C:\Users\Chris\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2011-11-21 20:26 ==================== End Of Log ============================ Malwarebytes Log: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2014.03.02.10 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16518Chris :: CHRIS-PC [administrator] 3/2/2014 3:06:20 PMmbam-log-2014-03-02 (15-06-20).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 243366Time elapsed: 7 minute(s), 18 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) Link to post Share on other sites More sharing options...
ChrisFiasco Posted March 2, 2014 Author ID:798516 Share Posted March 2, 2014 Sorry forgot to include the Addition Log. Here it is here: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2014 02Ran by Chris at 2014-03-02 14:58:04Running from C:\Users\Chris\Desktop\CleanBoot Mode: Normal========================================================== ==================== Security Center ======================== AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) HiddenAutodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) HiddenAutodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) HiddenAutodesk Mudbox 2014 (HKLM\...\Autodesk Mudbox 2014) (Version: 8.0.0.1010 - Autodesk)Autodesk Mudbox 2014 (Version: 8.0.0.1010 - Autodesk) HiddenAVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.4.1.240 - Online Media Technologies Ltd.)Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version: - Infinity Ward)CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)ClipConverter (HKLM-x32\...\{86134348-6422-4486-AB6A-0E01DBA39DE6}) (Version: 1.1.0 - Lunaweb)Convert Audio Free FLAC to MP3 version 1.0 (HKLM-x32\...\Convert Audio Free FLAC to MP3_is1) (Version: 1.0 - )Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenFEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )Free CBR Reader (HKLM-x32\...\{B9240DAE-EFA1-4A0E-824F-17B3F99194F8}) (Version: 1.0.0 - Free Picture Solutions)Free Soundcloud Downloader (HKLM-x32\...\{4D2F193D-4725-4518-9F23-AAF5A3475875}) (Version: 1.0.0 - Convert Audio Free)Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.3 - Ellora Assets Corporation)Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version: - Mode 7)GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)Google Talk Plugin (HKLM-x32\...\{CCE68200-4ED0-3E0A-A7F2-504897E356AB}) (Version: 5.1.5.17733 - Google)Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) HiddenHearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJunk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenLeft 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)lightshot-4.4.2.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.10 - Skillbrains)Local Subtitles for 64-bit WMP (HKLM\...\{190BC83F-D54E-4494-830E-7FB4A5F4B964}) (Version: 1.6.0.0 - Alexander Demidov)Luxology modo 701 64-bit build 58358 (HKLM-x32\...\701_64) (Version: - )Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)mental ray renderer for Autodesk Maya 2014 (HKLM\...\{4F5AD3FF-38C6-43FB-BB6F-8EF830DEDF16}) (Version: 13.0.0.0 - mental ray)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)Microsoft Halo (HKLM-x32\...\Halo) (Version: - Microsoft)Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) HiddenMicrosoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) HiddenMicrosoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) HiddenMirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)NVIDIA 3D Vision Controller Driver 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation)NVIDIA 3D Vision Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.23 - NVIDIA Corporation)NVIDIA Control Panel 327.23 (Version: 327.23 - NVIDIA Corporation) HiddenNVIDIA Graphics Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) HiddenNVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) HiddenNVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723 - NVIDIA Corporation) HiddenOpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) HiddenPlatform (x32 Version: 1.39 - VIA Technologies, Inc.) HiddenPunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)RAGE (HKLM-x32\...\Steam App 9200) (Version: - id Software)Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0 - Roxio) HiddenRoxio Game Capture HD PRO (HKLM-x32\...\{2DD84AB2-8BF4-49FA-9D62-E3F93D4F56FB}) (Version: 1.0 - Roxio)Roxio Game Capture HD PRO (x32 Version: 1.0.135 - Roxio) HiddenRoxio GameCAP HD PRO (x32 Version: 1.00.0000 - Roxio) HiddenRuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1989.5 - Hi-Rez Studios)Snagit 11 (HKLM-x32\...\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}) (Version: 11.0.0 - TechSmith Corporation)Splash Lite (HKLM-x32\...\{8B4A6011-BB10-4918-B561-3F6CF5712B37}) (Version: 1.7.1 - Mirillis)Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)Super Street Fighter IV: Arcade Edition (HKLM-x32\...\GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}) (Version: 1.0.0000.129 - CAPCOM U.S.A., INC)Super Street Fighter IV: Arcade Edition (x32 Version: 1.0.0000.129 - CAPCOM U.S.A., INC) HiddenSUPER STREET FIGHTER IV: ARCADE EDITION (x32 Version: 1.0.0005.129 - CAPCOM U.S.A., INC) HiddenTeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)Unity (HKLM-x32\...\Unity) (Version: - Unity Technologies ApS)Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)Unreal Development Kit: 2013-07 (HKLM\...\UDK-cc22b77f-9cae-40b5-9806-1d755fc98774) (Version: - Epic Games, Inc.)Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) HiddenWindows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Restore Points ========================= 25-02-2014 20:20:38 Windows Update28-02-2014 12:34:59 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.5110628-02-2014 22:48:32 Windows Update02-03-2014 00:02:59 Installed SpyHunter02-03-2014 00:16:36 Removed SpyHunter ==================== Hosts content: ========================== 2009-07-13 21:34 - 2014-03-01 22:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {04200284-0010-4612-9739-A62287861C9E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-662125380-580819888-2351019072-1000Task: {2101DF96-072E-4AE5-A0E5-02B0DC812566} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000UA => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.)Task: {3A5FD721-AE48-4942-93D8-FBC0D471034E} - System32\Tasks\update-S-1-5-21-662125380-580819888-2351019072-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()Task: {5B202745-7F4C-40E2-992A-6B86399FE811} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {5F228A34-FE98-43E0-B5E7-AD74E870A842} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.)Task: {6C5532E0-5AFA-4691-B208-CA252F42ABD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.)Task: {94CBFF57-B477-4DFA-90AA-FD4548C15E79} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000Core => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-12] (Google Inc.)Task: {A65318C0-97A5-4580-8932-DFCBB788C765} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackupTask: {AA6B20B3-B30D-4FC8-A088-AF2EE896F8CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)Task: {C58BB8DF-AF17-43E8-AFA4-69415F1F8475} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()Task: {E75C1DF8-114F-43A3-A477-C4649BF30B74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000Core.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000UA.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\update-S-1-5-21-662125380-580819888-2351019072-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exeTask: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-07 14:33 - 2013-09-12 02:25 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2014-01-05 12:17 - 2014-01-05 12:17 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe2014-02-27 15:53 - 2014-02-27 15:53 - 02967040 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll2014-03-01 23:09 - 2014-03-01 23:09 - 02278912 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll2012-04-24 20:18 - 2012-04-24 20:18 - 00087912 _____ () C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll2012-04-24 20:18 - 2012-04-24 20:18 - 01242472 _____ () C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbyloginMSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -rMSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -schedulerMSCONFIG\startupreg: LightShot => C:\Users\Chris\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalueMSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunMSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exeMSCONFIG\startupreg: WmiPrv => C:\Users\Chris\AppData\Roaming\Adobe\WmiPrv\WmiPrvSE.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (03/02/2014 02:40:20 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/02/2014 03:34:35 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/02/2014 02:10:06 AM) (Source: Application Error) (User: )Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24Exception code: 0xc000070aFault offset: 0x000000000005cf99Faulting process id: 0x5ccFaulting application start time: 0xexplorer.exe0Faulting application path: explorer.exe1Faulting module path: explorer.exe2Report Id: explorer.exe3 Error: (03/02/2014 00:44:36 AM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/02/2014 00:35:47 AM) (Source: Application Error) (User: )Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24Exception code: 0xc0000024Fault offset: 0x00000000000cd7e8Faulting process id: 0xc44Faulting application start time: 0xexplorer.exe0Faulting application path: explorer.exe1Faulting module path: explorer.exe2Report Id: explorer.exe3 Error: (03/01/2014 11:36:11 PM) (Source: Application Error) (User: )Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4Faulting module name: mshtml.dll, version: 11.0.9600.16518, time stamp: 0x52f37bcbException code: 0xc00000fdFault offset: 0x00000000000655f2Faulting process id: 0x6c4Faulting application start time: 0xExplorer.EXE0Faulting application path: Explorer.EXE1Faulting module path: Explorer.EXE2Report Id: Explorer.EXE3 Error: (03/01/2014 11:34:56 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2014 11:10:06 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2014 10:08:11 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2014 10:05:41 PM) (Source: Bonjour Service) (User: )Description: 524: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.) System errors:=============Error: (03/02/2014 03:32:11 AM) (Source: DCOM) (User: )Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Error: (03/01/2014 11:29:05 PM) (Source: Service Control Manager) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (03/01/2014 11:26:48 PM) (Source: Service Control Manager) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (03/01/2014 10:05:36 PM) (Source: Service Control Manager) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (03/01/2014 10:05:31 PM) (Source: Service Control Manager) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (03/01/2014 10:05:11 PM) (Source: Application Popup) (User: )Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (03/01/2014 10:03:21 PM) (Source: Service Control Manager) (User: )Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (03/01/2014 08:01:06 PM) (Source: DCOM) (User: )Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Error: (03/01/2014 06:25:29 PM) (Source: DCOM) (User: )Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (03/01/2014 00:24:34 PM) (Source: DCOM) (User: )Description: {EA022610-0748-4C24-B229-6C507EBDFDBB} Microsoft Office Sessions:=========================Error: (03/02/2014 02:40:20 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/02/2014 03:34:35 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/02/2014 02:10:06 AM) (Source: Application Error)(User: )Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000070a000000000005cf995cc01cf35e1c1e2ec7eC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dllae854f1b-a1d9-11e3-b7ab-94de80ce66f5 Error: (03/02/2014 00:44:36 AM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/02/2014 00:35:47 AM) (Source: Application Error)(User: )Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000002400000000000cd7e8c4401cf35d8f00fe8dcC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll81581e18-a1cc-11e3-b457-94de80ce66f5 Error: (03/01/2014 11:36:11 PM) (Source: Application Error)(User: )Description: Explorer.EXE6.1.7601.175674d672ee4mshtml.dll11.0.9600.1651852f37bcbc00000fd00000000000655f26c401cf35d0cae52507C:\Windows\Explorer.EXEC:\Windows\System32\mshtml.dll2dd1f6e9-a1c4-11e3-b457-94de80ce66f5 Error: (03/01/2014 11:34:56 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2014 11:10:06 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2014 10:08:11 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2014 10:05:41 PM) (Source: Bonjour Service)(User: )Description: 524: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.) CodeIntegrity Errors:=================================== Date: 2014-03-01 22:05:11.231 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-01 22:05:11.195 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 40%Total physical RAM: 8173.54 MBAvailable physical RAM: 4841.91 MBTotal Pagefile: 16347.07 MBAvailable Pagefile: 12481.39 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:931.41 GB) (Free:442.85 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 74697CAA)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
ChrisFiasco Posted March 3, 2014 Author ID:798617 Share Posted March 3, 2014 After opening my audio mixer, I noticed that all of the extra explorers were giving off sound. I un-muted them and heard ads being played, but a few seconds later the explorers muted themselves. Link to post Share on other sites More sharing options...
ChrisFiasco Posted March 3, 2014 Author ID:798638 Share Posted March 3, 2014 Is anyone still helping me lol? Link to post Share on other sites More sharing options...
B-boy/StyLe/ Posted March 3, 2014 ID:798641 Share Posted March 3, 2014 Hello, I need to check something: Please download OTL from the link below:OTLSave it to your desktop/Double click on the icon on your desktop.OTL should now start. Change the following settings:- Click on Scan All Users checkbox given at the top.- Under File Scans, change File age to 90- Change Standard Registry to All- Check the boxes beside LOP Check and Purity CheckCopy and Paste the following code into the textbox.Don't copy the word "quoted"netsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%SYSTEMDRIVE%\*.*%SYSTEMDRIVE%\*.%USERPROFILE%\*.*%USERPROFILE%\*.%USERPROFILE%\*.exe /s%USERPROFILE%\Documents\*.*%USERPROFILE%\Downloads\*.*%USERPROFILE%\AppData\Local\*.*%USERPROFILE%\AppData\Local\*.%USERPROFILE%\AppData\Local\Google\Chrome\User Data\Default\*.*%USERPROFILE%\AppData\Local\Google\Chrome\User Data\Default\*.%USERPROFILE%\AppData\Local\temp\*.exe%USERPROFILE%\AppData\Roaming\*.*%USERPROFILE%\AppData\Roaming\*.%ProgramData%\*.*%ProgramData%\*.%programdata%\Microsoft\Windows\DRM\*.tmp%programdata%\Microsoft\DRM\*.tmpC:\Users\All Users\*.exe /sC:\Users\Default\*.exe /sC:\Users\Public\*.exe /s%CommonProgramFiles%\*.*%CommonProgramFiles%\*.%CommonProgramFiles%\ComObjects\*.*%ProgramFiles%\*.*%ProgramFiles%\*.%Public%\Documents\*.*%Public%\Documents\*.%systemroot%\System32\config\systemprofile\*.exe /s%systemroot%\System32\config\systemprofile\*.*%systemroot%\System32\config\systemprofile\*.%systemroot%\system32\config\systemprofile\AppData\Local\*.*%systemroot%\system32\config\systemprofile\AppData\Local\*.%systemroot%\system32\config\systemprofile\AppData\Roaming\*.*%systemroot%\system32\config\systemprofile\AppData\Roaming\*.%systemroot%\SysWow64\config\systemprofile\*.exe /s%systemroot%\SysWow64\config\systemprofile\*.*%systemroot%\SysWow64\config\systemprofile\*.%systemroot%\SysWOW64\config\systemprofile\AppData\Local\*.*%systemroot%\SysWOW64\config\systemprofile\AppData\Local\*.%systemroot%\SysWOW64\config\systemprofile\AppData\Roaming\*.*%systemroot%\SysWOW64\config\systemprofile\AppData\Roaming\*.%systemroot%\ServiceProfiles\*.exe /s%systemroot%\ServiceProfiles\LocalService\AppData\Local\*.*%systemroot%\ServiceProfiles\LocalService\AppData\Local\*.%systemroot%\ServiceProfiles\LocalService\AppData\Local\Temp\*.tlb%systemroot%\ServiceProfiles\LocalService\AppData\Roaming\*.*%systemroot%\ServiceProfiles\LocalService\AppData\Roaming\*.%systemroot%\ServiceProfiles\NetworkService\AppData\Local\*.*%systemroot%\ServiceProfiles\NetworkService\AppData\Local\*.%systemroot%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tlb%systemroot%\ServiceProfiles\NetworkService\AppData\Roaming\*.*%systemroot%\ServiceProfiles\NetworkService\AppData\Roaming\*.%windir%\temp\*.exe%windir%\*.%windir%\AppPatch\*.exe /s%windir%\ShellNew\*.*%windir%\installer\*.%windir%\system32\*.%windir%\sysnative\*.%Temp%\smtmp\1\*.*%Temp%\smtmp\2\*.*%Temp%\smtmp\3\*.*%Temp%\smtmp\4\*.*%systemroot%\system32\*.dll /lockedfiles%systemroot%\syswow64\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%systemroot%\system32\drivers\*.sys /90%systemroot%\system32\drivers\*.sys /lockedfiles%systemroot%\syswow64\drivers\*.sys /90%systemroot%\syswow64\drivers\*.sys /lockedfiles%SYSTEMDRIVE%\*. /rp /s%systemroot%\assembly\tmp\*.* /S /MD5%systemroot%\assembly\temp\*.* /S /MD5%systemroot%\assembly\GAC\*.ini%systemroot%\assembly\GAC_32\*.ini%systemroot%\assembly\GAC_64\*.ini%SystemRoot%\assembly\GAC_MSIL\*.iniwsSystemRoot|l,n,u,@;True;False;True;$,{ /fn%systemdrive%\$Recycle.Bin|@;true;true;true /fpHKEY_CLASSES_ROOT\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /sHKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /sHKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /sHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /sHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /sHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} /sHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /sHKEY_CLASSES_ROOT\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /sHKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /sHKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /sHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /sHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor /sHKCU\Software\Classes\CLSID\{ECD4FC4D-521C-11D0-B792-00A0C90312E1}\InprocServer32 /sHKLM\Software\Classes\CLSID\{E6BB64BE-0618-4353-9193-0AFE606D6F0C}\InprocServer32 /sHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\scsimap /sHKEY_CLASSES_ROOT\CLSID\{118BEDCC-A901-4203-B4F2-ADCB957D1887} /sHKEY_CLASSES_ROOT\CLSID\{312BED3C-A901-4203-B4F2-ADCB957D1887} /sHKEY_CLASSES_ROOT\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887} /sHKEY_CLASSES_ROOT\CLSID\{312BFDCE-A901-4203-B4F2-ADCB957D1887} /sHKEY_CLASSES_ROOT\CLSID\{212B3DCC-A901-4203-B4F2-ADCB957D1887} /sHKEY_CLASSES_ROOT\CLSID\{A12BEDCC-A901-4203-B4F2-ADCB957D1887} /sHKEY_CLASSES_ROOT\CLSID\{118BEDCA-A901-4203-B4F2-ADCB957D188F} /sHKEY_CLASSES_ROOT\CLSID\{118BEDCA-A901-4203-B4F2-ADCB957D188B} /sHKEY_CLASSES_ROOT\CLSID\{3543619C-D563-43f7-95EA-4DA7E1CC396A} /sHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3543619C-D563-43f7-95EA-4DA7E1CC396A} /sHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3543619C-D563-43f7-95EA-4DA7E1CC396A} /sHKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers /sHKEY_CLASSES_ROOT\Directory\Shellex\CopyHookHandlers\MSCopy /sHKEY_CURRENT_USER\Software\Classes\Directory\shellex\CopyHookHandlers /sHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers /sHKEY_CURRENT_USER\Software\MSOLoad /stype C:\WINDOWS\system.ini >> test.txt /cbcdedit /enum all /v >C:\boot.txt /c>C:\commands.txt echo list vol /raw /hide /c/wait>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c/waittype c:\diskreport.txt /c/waiterase c:\commands.txt /hide /c/waiterase c:\diskreport.txt /hide /c/md5startconsrv.dllservices.exeexplorer.exelsass.exesvchost.exewininit.exewinlogon.exeuserinit.exesmss.exefastfat.sysatapi.sysserial.sysvolsnap.sysdisk.sysi8042prt.sysafd.sysnetbt.syscsc.systcpip.syskbdclass.syskbdhid.sysmouclass.sysmouhid.sysspldr.sysdfsc.syshlp.datstr.syscerxvx.ocxcrexv.ocxmsseedir.dllmsdr.dlllmbd.dllwsse.dllintel.exeWService.dlliTunesHelper.dll/md5stopPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedRegards, Georgi Link to post Share on other sites More sharing options...
ChrisFiasco Posted March 3, 2014 Author ID:798650 Share Posted March 3, 2014 Thank you so much for responding. Here is my OTL.txt Log:OTL logfile created on: 3/3/2014 6:13:35 AM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop\Clean64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.16518)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy7.98 Gb Total Physical Memory | 3.66 Gb Available Physical Memory | 45.91% Memory free15.96 Gb Paging File | 11.90 Gb Available in Paging File | 74.54% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 931.41 Gb Total Space | 452.41 Gb Free Space | 48.57% Space Free | Partition Type: NTFSComputer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2014/03/03 06:10:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\Clean\OTL.scrPRC - [2014/02/10 14:08:54 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exePRC - [2014/01/22 12:19:38 | 003,788,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exePRC - [2014/01/22 12:17:36 | 004,962,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exePRC - [2014/01/05 12:17:41 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exePRC - [2013/09/27 13:39:50 | 000,313,120 | ---- | M] (Skillbrains) -- C:\Users\Chris\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exePRC - [2013/09/24 01:35:44 | 001,358,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exePRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exePRC - [2013/09/12 04:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exePRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Chris\AppData\Local\Akamai\netsession_win.exePRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exePRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exePRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exePRC - [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exePRC - [2012/04/24 20:18:16 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe========== Modules (No Company Name) ==========MOD - [2012/04/24 20:18:24 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dllMOD - [2012/04/24 20:18:06 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll========== Services (SafeList) ==========SRV:64bit: - [2014/02/06 05:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)SRV:64bit: - [2013/11/20 13:45:19 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV:64bit: - [2012/12/11 11:59:08 | 000,027,768 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)SRV - [2014/03/03 00:05:29 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2014/02/28 15:23:52 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)SRV - [2014/02/25 16:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)SRV - [2014/02/20 15:14:25 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2014/02/10 14:08:54 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)SRV - [2014/01/22 12:19:38 | 003,788,816 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)SRV - [2014/01/05 12:17:41 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)SRV - [2013/12/18 09:38:40 | 002,102,072 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)SRV - [2013/09/24 01:35:44 | 001,358,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe -- (avgfws)SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)SRV - [2013/09/12 04:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)SRV - [2012/08/02 11:56:54 | 001,095,824 | ---- | M] (Corel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe -- (RoxMediaDBGame1X)SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)========== Driver Services (SafeList) ==========DRV:64bit: - [2013/11/25 21:47:22 | 000,196,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)DRV:64bit: - [2013/11/25 21:47:20 | 000,243,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)DRV:64bit: - [2013/11/25 21:47:20 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)DRV:64bit: - [2013/09/26 09:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)DRV:64bit: - [2013/08/01 16:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)DRV:64bit: - [2013/06/16 07:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)DRV:64bit: - [2013/05/10 12:01:58 | 002,211,528 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)DRV:64bit: - [2013/01/02 21:31:36 | 000,301,256 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)DRV:64bit: - [2013/01/02 21:31:34 | 000,231,112 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)DRV:64bit: - [2012/08/02 11:18:08 | 000,101,632 | ---- | M] (UT) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uth5x64.sys -- (H5xUSB)DRV:64bit: - [2012/07/10 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)DRV:64bit: - [2012/07/04 13:48:00 | 000,093,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)DRV:64bit: - [2012/07/03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)DRV:64bit: - [2012/07/03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)DRV:64bit: - [2012/04/11 12:30:00 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)DRV:64bit: - [2011/05/13 18:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)DRV:64bit: - [2009/07/13 19:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)DRV - [2013/12/16 14:34:30 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)========== Standard Registry (All) ==================== Internet Explorer ==========IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htmIE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.comIE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.comIE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0Nz9Id4b9lGTb8S8mHnLpYPPP_OKyjBhNlueVJPVHJOdmmoem1mBebpf8x_wjnq7-RPr1BxOio5wLkvIRnC_RKeSfM_VU_TjThEqKIfnKYSFqoyujh5XeNReHzFSdngg,,&q={searchTerms}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchIE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeIE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htmIE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0Nz9Id4b9lGTb8S8mHnLpYPPP_OKyjBhNlueVJPVHJOdmmoem1mBebpf8x_wjnq7-RPr1BxOio5wLkvIRnC_RKeSfM_VU_TjThEqKIfnKYSFqoyujh5XeNReHzFSdnhQ,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0Nz9Id4b9lGTb8S8mHnLpYPPP_OKyjBhNlueVJPVHJOdmmoem1mBebpf8x_wjnq7-RPr1BxOio5wLkvIRnC_RKeSfM_VU_TjThEqKIfnKYSFqoyujh5XeNReHzFSdnhQ,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0Nz9Id4b9lGTb8S8mHnLpYPPP_OKyjBhNlueVJPVHJOdmmoem1mBebpf8x_wjnq7-da5TTgHn4EYUNRjmouJ4mNpeyckl0eNgH1QizYHE09VaiKXwqb16f8gSdxa3SSg,IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0Nz9Id4b9lGTb8S8mHnLpYPPP_OKyjBhNlueVJPVHJOdmmoem1mBebpf8x_wjnq7-RPr1BxOio5wLkvIRnC_RKeSfM_VU_TjThEqKIfnKYSFqoyujh5XeNReHzFSdnhQ,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0Nz9Id4b9lGTb8S8mHnLpYPPP_OKyjBhNlueVJPVHJOdmmoem1mBebpf8x_wjnq7-RPr1BxOio5wLkvIRnC_RKeSfM_VU_TjThEqKIfnKYSFqoyujh5XeNReHzFSdnhQ,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0Nz9Id4b9lGTb8S8mHnLpYPPP_OKyjBhNlueVJPVHJOdmmoem1mBebpf8x_wjnq7-RPr1BxOio5wLkvIRnC_RKeSfM_VU_TjThEqKIfnKYSFqoyujh5XeNReHzFSdnhQ,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.localIE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ========== FireFox ==========FF - prefs.js..browser.search.useDBForOrder: "false"FF - prefs.js..browser.startup.homepage: "http://www.youtube.com/"FF - prefs.js..extensions.enabledAddons: %7B1F3015A6-75BF-4D05-CE58-E58B646B512F%7D:2.0.0FF - prefs.js..extensions.enabledAddons: %7Be91449cd-6c9e-5d65-e8b4-c9468614f780%7D:1.1FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1FF - prefs.js..keyword.URL: "http://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0Nz9Id4b9lGTb8S8mHnLpYPPP_OKyjBhNlueVJPVHJOdmmoem1mBebpf8x_wjnq7-RPr1BxOio5wLkvIRnC_RKeSfM_VU_TjThEqKIfnKYSFqoyujh5XeNReHzFSdngQ,,&q="FF - user.js - File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)[2014/02/11 18:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions[2014/02/11 18:58:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2014/03/02 20:58:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions[2014/02/28 08:01:20 | 000,000,000 | ---D | M] (User Pinned) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{1F3015A6-75BF-4D05-CE58-E58B646B512F}[2014/03/02 20:58:17 | 000,000,000 | ---D | M] ("Muvic") -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{e91449cd-6c9e-5d65-e8b4-c9468614f780}[2014/02/11 18:58:43 | 000,008,664 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\desktop@clipconverter.cc.xpi[2014/02/25 23:57:12 | 000,552,080 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi[2014/03/02 20:52:56 | 000,022,864 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\searchplugins\Web Search.xml[2014/03/03 00:05:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions[2014/03/03 00:05:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}========== Chrome ==========CHR - homepage: http://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0Nz9Id4b9lGTb8S8mHnLpYPPP_OKyjBhNlueVJPVHJOdmmoem1mBebpf8x_wjnq7-da5TTgHn4EYUNRjmouJ4mNpeyckl0eNgH1QizYHE09VaiKXwqb16f8gSdxa3SSg,CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\O1 HOSTS File: ([2014/03/01 22:09:15 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)O4 - HKU\S-1-5-21-662125380-580819888-2351019072-1000..\Run: [Akamai NetSession Interface] C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)O4 - HKU\S-1-5-21-662125380-580819888-2351019072-1000..\Run: [skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-662125380-580819888-2351019072-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)O13 - gopher Prefix: missingO17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A5E27B4-74E8-4E3D-B099-879B57C8DB3E}: DhcpNameServer = 192.168.1.254O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBB91F37-5C75-4E9C-AFF1-19A45FEEF00A}: DhcpNameServer = 192.168.42.129O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)O31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2013/12/07 00:18:22 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]O32 - AutoRun File - [2014/03/01 19:03:52 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = ComFile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)MsConfig:64bit - StartUpReg: AdobeCS6ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)MsConfig:64bit - StartUpReg: HDAudDeck - hkey= - key= - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)MsConfig:64bit - StartUpReg: ISUSPM - hkey= - key= - C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software, Inc.)MsConfig:64bit - StartUpReg: LightShot - hkey= - key= - C:\Users\Chris\AppData\Local\Skillbrains\lightshot\LightShot.exe ()MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)MsConfig:64bit - StartUpReg: WmiPrv - hkey= - key= - C:\Users\Chris\AppData\Roaming\Adobe\WmiPrv\WmiPrvSE.exe (Microsoft)MsConfig:64bit - State: "startup" - Reg Error: Key error.SafeBootMin:64bit: Base - Driver GroupSafeBootMin:64bit: Boot Bus Extender - Driver GroupSafeBootMin:64bit: Boot file system - Driver GroupSafeBootMin:64bit: File system - Driver GroupSafeBootMin:64bit: Filter - Driver GroupSafeBootMin:64bit: HelpSvc - ServiceSafeBootMin:64bit: PCI Configuration - Driver GroupSafeBootMin:64bit: PNP Filter - Driver GroupSafeBootMin:64bit: Primary disk - Driver GroupSafeBootMin:64bit: sacsvr - ServiceSafeBootMin:64bit: SCSI Class - Driver GroupSafeBootMin:64bit: System Bus Extender - Driver GroupSafeBootMin:64bit: vmms - ServiceSafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copySafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllersSafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface DevicesSafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 DevicesSafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevicesSafeBootMin: Base - Driver GroupSafeBootMin: Boot Bus Extender - Driver GroupSafeBootMin: Boot file system - Driver GroupSafeBootMin: File system - Driver GroupSafeBootMin: Filter - Driver GroupSafeBootMin: HelpSvc - ServiceSafeBootMin: PCI Configuration - Driver GroupSafeBootMin: PNP Filter - Driver GroupSafeBootMin: Primary disk - Driver GroupSafeBootMin: sacsvr - ServiceSafeBootMin: SCSI Class - Driver GroupSafeBootMin: System Bus Extender - Driver GroupSafeBootMin: vmms - ServiceSafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copySafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllersSafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface DevicesSafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 DevicesSafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevicesSafeBootNet:64bit: Base - Driver GroupSafeBootNet:64bit: Boot Bus Extender - Driver GroupSafeBootNet:64bit: Boot file system - Driver GroupSafeBootNet:64bit: File system - Driver GroupSafeBootNet:64bit: Filter - Driver GroupSafeBootNet:64bit: HelpSvc - ServiceSafeBootNet:64bit: Messenger - ServiceSafeBootNet:64bit: NDIS Wrapper - Driver GroupSafeBootNet:64bit: NetBIOSGroup - Driver GroupSafeBootNet:64bit: NetDDEGroup - Driver GroupSafeBootNet:64bit: Network - Driver GroupSafeBootNet:64bit: NetworkProvider - Driver GroupSafeBootNet:64bit: PCI Configuration - Driver GroupSafeBootNet:64bit: PNP Filter - Driver GroupSafeBootNet:64bit: PNP_TDI - Driver GroupSafeBootNet:64bit: Primary disk - Driver GroupSafeBootNet:64bit: rdsessmgr - ServiceSafeBootNet:64bit: sacsvr - ServiceSafeBootNet:64bit: SCSI Class - Driver GroupSafeBootNet:64bit: Streams Drivers - Driver GroupSafeBootNet:64bit: System Bus Extender - Driver GroupSafeBootNet:64bit: TDI - Driver GroupSafeBootNet:64bit: vmms - ServiceSafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)SafeBootNet:64bit: WudfUsbccidDriver - DriverSafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - NetSafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClientSafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetServiceSafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTransSafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readersSafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copySafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllersSafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface DevicesSafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 DevicesSafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevicesSafeBootNet: Base - Driver GroupSafeBootNet: Boot Bus Extender - Driver GroupSafeBootNet: Boot file system - Driver GroupSafeBootNet: File system - Driver GroupSafeBootNet: Filter - Driver GroupSafeBootNet: HelpSvc - ServiceSafeBootNet: Messenger - ServiceSafeBootNet: NDIS Wrapper - Driver GroupSafeBootNet: NetBIOSGroup - Driver GroupSafeBootNet: NetDDEGroup - Driver GroupSafeBootNet: Network - Driver GroupSafeBootNet: NetworkProvider - Driver GroupSafeBootNet: PCI Configuration - Driver GroupSafeBootNet: PNP Filter - Driver GroupSafeBootNet: PNP_TDI - Driver GroupSafeBootNet: Primary disk - Driver GroupSafeBootNet: rdsessmgr - ServiceSafeBootNet: sacsvr - ServiceSafeBootNet: SCSI Class - Driver GroupSafeBootNet: Streams Drivers - Driver GroupSafeBootNet: System Bus Extender - Driver GroupSafeBootNet: TDI - Driver GroupSafeBootNet: vmms - ServiceSafeBootNet: WudfUsbccidDriver - DriverSafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - NetSafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClientSafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetServiceSafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTransSafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readersSafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copySafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllersSafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface DevicesSafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 DevicesSafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevicesActiveX:64bit: {04D2F05B-96CF-5C6B-5959-1738DF999D30} - Microsoft Windows Media Player 12.0ActiveX:64bit: {0A632B81-37D3-456D-8D2C-E2D2ED566F8B} - Themes SetupActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dllActiveX:64bit: {2C92A184-A505-B856-460C-39FD99969DFB} - Offline Browsing PackActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing PackActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOEActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawExActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer HelpActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup ToolsActiveX:64bit: {626EA6F6-4706-490D-513B-7F1197ACD03D} - Themes SetupActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing EnhancementsActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media PlayerActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site AccessActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7ActiveX:64bit: {7D064E77-8210-7244-EE00-18F27E9CF558} - Microsoft Windows Media Player 12.0ActiveX:64bit: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET FrameworkActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dllActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfigActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,InstallActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data BindingActiveX:64bit: {B931D688-49AF-E2C4-CD8B-52999B411F2B} - Themes SetupActiveX:64bit: {C288000E-5FC7-1289-B011-5D2E0EC0334B} - Themes SetupActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core FontsActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML HelpActiveX:64bit: {E193458E-5A3D-0B40-E2D2-80B737821FEE} - Offline Browsing PackActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service InterfaceActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET FrameworkActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET FrameworkActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMPActiveX:64bit: >{418EB146-C7FA-40DE-A235-483BD23BDF98} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUPActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dllActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing PackActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOEActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawExActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer HelpActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup ToolsActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing EnhancementsActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media PlayerActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site AccessActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET FrameworkActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET FrameworkActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dllActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,InstallActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromeActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data BindingActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core FontsActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML HelpActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service InterfaceActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET FrameworkActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMPDrivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)========== Files/Folders - Created Within 30 Days ==========[2014/03/03 00:05:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox[2014/03/03 00:04:57 | 000,040,248 | ---- | C] (AVG) -- C:\Windows\SysNative\TURegOpt.exe[2014/03/03 00:04:56 | 000,029,496 | ---- | C] (AVG) -- C:\Windows\SysNative\authuitu.dll[2014/03/03 00:04:56 | 000,025,400 | ---- | C] (AVG) -- C:\Windows\SysWow64\authuitu.dll[2014/03/03 00:04:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014[2014/03/03 00:04:38 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\AVG[2014/03/03 00:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG[2014/03/03 00:01:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}[2014/03/02 23:49:49 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\AVG2014[2014/03/02 23:48:54 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\TuneUp Software[2014/03/02 23:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG[2014/03/02 23:48:22 | 000,000,000 | -H-D | C] -- C:\$AVG[2014/03/02 23:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014[2014/03/02 23:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG[2014/03/02 23:45:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files[2014/03/02 23:45:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\MFAData[2014/03/02 23:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData[2014/03/02 23:45:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Avg2014[2014/03/02 20:58:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service[2014/03/02 20:58:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox.bak[2014/03/02 20:54:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uninstaller[2014/03/02 20:54:08 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Skype[2014/03/02 20:53:52 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype[2014/03/02 20:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype[2014/03/02 20:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype[2014/03/02 18:26:01 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warframe[2014/03/02 14:49:16 | 000,000,000 | ---D | C] -- C:\FRST[2014/03/01 23:31:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN[2014/03/01 23:31:18 | 000,000,000 | ---D | C] -- C:\Windows\temp[2014/03/01 21:57:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe[2014/03/01 21:57:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe[2014/03/01 21:57:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe[2014/03/01 21:57:51 | 000,000,000 | ---D | C] -- C:\Qoobox[2014/03/01 21:57:40 | 000,000,000 | ---D | C] -- C:\Windows\erdnt[2014/03/01 19:55:33 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Clean[2014/03/01 19:29:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner[2014/03/01 19:26:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\ElevatedDiagnostics[2014/03/01 19:08:27 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\PCFixKit[2014/03/01 19:08:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCFixKit[2014/03/01 19:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group[2014/03/01 19:02:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard[2014/03/01 18:36:26 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Shell Extension[2014/02/28 07:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache[2014/02/28 07:34:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate[2014/02/28 02:52:50 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\DriverToolkit[2014/02/28 02:52:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverToolkit[2014/02/27 02:29:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\yep[2014/02/24 20:26:02 | 000,000,000 | ---D | C] -- C:\Windows\Migration[2014/02/23 23:22:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16[2014/02/18 13:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake[2014/02/16 13:00:57 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\Respawn[2014/02/16 10:47:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\headus[2014/02/15 15:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Convert Audio Free[2014/02/12 18:54:31 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll[2014/02/12 18:53:58 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2014/02/12 18:53:58 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll[2014/02/12 18:53:58 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2014/02/12 18:53:57 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll[2014/02/12 18:53:57 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe[2014/02/12 18:53:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll[2014/02/12 18:53:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll[2014/02/12 18:53:55 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll[2014/02/12 18:53:55 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe[2014/02/12 18:53:55 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2014/02/12 18:53:55 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe[2014/02/12 18:53:55 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll[2014/02/12 18:53:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll[2014/02/12 18:53:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll[2014/02/12 18:53:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll[2014/02/12 18:53:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll[2014/02/12 18:53:54 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll[2014/02/12 18:53:54 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll[2014/02/12 18:53:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll[2014/02/12 18:53:54 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll[2014/02/12 18:53:53 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2014/02/12 18:53:52 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl[2014/02/12 18:53:51 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll[2014/02/12 11:17:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll[2014/02/12 11:17:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll[2014/02/12 11:17:52 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe[2014/02/12 11:17:52 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe[2014/02/12 11:17:52 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe[2014/02/12 11:17:51 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe[2014/02/12 11:17:51 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe[2014/02/12 11:17:51 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe[2014/02/12 11:17:51 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll[2014/02/12 11:17:51 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe[2014/02/12 11:17:51 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe[2014/02/12 11:17:51 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll[2014/02/12 11:17:51 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll[2014/02/12 11:17:51 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll[2014/02/12 11:17:51 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll[2014/02/12 11:17:51 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll[2014/02/12 11:17:51 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll[2014/02/12 11:17:51 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll[2014/02/12 11:17:51 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll[2014/02/12 11:17:47 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll[2014/02/12 11:17:47 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll[2014/02/11 18:58:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\ClipConverter[2014/02/11 18:58:19 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClipConverter[2014/02/11 18:57:44 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Lunaweb[2014/02/01 21:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games[2014/02/01 21:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]========== Files - Modified Within 30 Days ==========[2014/03/03 06:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2014/03/03 06:06:07 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2014/03/03 05:32:03 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000UA.job[2014/03/03 05:02:22 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-662125380-580819888-2351019072-1000.job[2014/03/03 03:25:55 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2014/03/03 03:25:55 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2014/03/03 03:25:20 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2014/03/03 03:18:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2014/03/03 03:17:57 | 2132,959,231 | -HS- | M] () -- C:\hiberfil.sys[2014/03/03 03:17:11 | 000,003,560 | ---- | M] () -- C:\bootsqm.dat[2014/03/03 00:04:47 | 000,002,232 | ---- | M] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk[2014/03/03 00:04:47 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk[2014/03/02 23:48:54 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk[2014/03/02 22:59:01 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\update-sys.job[2014/03/02 20:58:12 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk[2014/03/02 20:53:52 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk[2014/03/02 14:47:03 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2014/03/02 00:18:05 | 000,000,355 | ---- | M] () -- C:\Users\Chris\Desktop\Computer - Shortcut.lnk[2014/03/01 22:09:15 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts[2014/03/01 20:05:30 | 000,000,017 | ---- | M] () -- C:\Users\Chris\AppData\Local\resmon.resmoncfg[2014/03/01 19:03:52 | 000,000,000 | ---- | M] () -- C:\autoexec.bat[2014/02/28 02:37:56 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[2014/02/28 02:37:56 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[2014/02/28 02:37:56 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[2014/02/27 10:32:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000Core.job[2014/02/25 18:24:49 | 000,000,132 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Adobe Targa Format CS6 Prefs[2014/02/25 15:22:06 | 000,774,592 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI[2014/02/21 17:08:56 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk[2014/02/20 15:14:25 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[2014/02/20 15:14:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[2014/02/18 13:23:08 | 000,001,339 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Downloader.lnk[2014/02/16 10:47:48 | 000,001,178 | ---- | M] () -- C:\Users\Chris\Desktop\uvlayout - Shortcut.lnk[2014/02/14 21:16:19 | 000,000,252 | ---- | M] () -- C:\Users\Chris\Desktop\spanish.rtf[2014/02/11 22:15:06 | 000,000,132 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Adobe PNG Format CS6 Prefs[2014/02/11 18:58:33 | 000,001,151 | ---- | M] () -- C:\Users\Chris\Desktop\ClipConverter.lnk[2014/02/06 06:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll[2014/02/06 06:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll[2014/02/06 06:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll[2014/02/06 05:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll[2014/02/06 05:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll[2014/02/06 05:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe[2014/02/06 05:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe[2014/02/06 05:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll[2014/02/06 05:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe[2014/02/06 05:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll[2014/02/06 05:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll[2014/02/06 05:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll[2014/02/06 05:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll[2014/02/06 04:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll[2014/02/06 04:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll[2014/02/06 04:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl[2014/02/06 04:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2014/02/06 04:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2014/02/06 04:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll[2014/02/06 04:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2014/02/06 04:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2014/02/06 03:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll[2014/02/06 03:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll[2014/02/01 21:32:07 | 000,001,003 | ---- | M] () -- C:\Users\Chris\Desktop\GameSpy Arcade.lnk[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]========== Files Created - No Company Name ==========[2014/03/03 03:17:11 | 000,003,560 | ---- | C] () -- C:\bootsqm.dat[2014/03/03 00:04:47 | 000,002,232 | ---- | C] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk[2014/03/03 00:04:47 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk[2014/03/03 00:04:46 | 000,002,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk[2014/03/02 23:48:54 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk[2014/03/02 20:58:12 | 000,001,166 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk[2014/03/02 20:58:12 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk[2014/03/02 20:53:52 | 000,002,697 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk[2014/03/02 00:08:36 | 000,000,355 | ---- | C] () -- C:\Users\Chris\Desktop\Computer - Shortcut.lnk[2014/03/01 21:57:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe[2014/03/01 21:57:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe[2014/03/01 21:57:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe[2014/03/01 21:57:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe[2014/03/01 21:57:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe[2014/03/01 20:05:30 | 000,000,017 | ---- | C] () -- C:\Users\Chris\AppData\Local\resmon.resmoncfg[2014/03/01 19:03:52 | 000,000,000 | ---- | C] () -- C:\autoexec.bat[2014/02/18 13:23:08 | 000,001,339 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Downloader.lnk[2014/02/16 10:47:48 | 000,001,178 | ---- | C] () -- C:\Users\Chris\Desktop\uvlayout - Shortcut.lnk[2014/02/14 21:16:19 | 000,000,252 | ---- | C] () -- C:\Users\Chris\Desktop\spanish.rtf[2014/02/11 18:58:33 | 000,001,151 | ---- | C] () -- C:\Users\Chris\Desktop\ClipConverter.lnk[2014/02/01 21:32:07 | 000,001,003 | ---- | C] () -- C:\Users\Chris\Desktop\GameSpy Arcade.lnk[2014/01/26 16:45:43 | 000,000,020 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\SoundCloudDownloaderSettings.ini[2014/01/05 12:17:42 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe[2014/01/05 12:17:41 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe[2013/12/06 23:27:47 | 000,000,132 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Adobe Targa Format CS6 Prefs[2013/12/03 17:12:20 | 000,000,132 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Adobe PNG Format CS6 Prefs[2013/11/21 13:19:33 | 000,000,044 | ---- | C] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat[2013/11/21 13:19:33 | 000,000,024 | ---- | C] () -- C:\Users\Chris\random.dat[2013/11/21 13:19:28 | 000,000,023 | ---- | C] () -- C:\Users\Chris\jagexappletviewer.preferences[2013/11/19 16:08:06 | 000,000,096 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\version2.xml[2013/11/16 17:07:43 | 000,000,441 | ---- | C] () -- C:\Users\Chris\AppData\Local\UserProducts.xml[2013/11/16 16:28:34 | 000,774,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI========== ZeroAccess Check ==========[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini Link to post Share on other sites More sharing options...
ChrisFiasco Posted March 3, 2014 Author ID:798652 Share Posted March 3, 2014 [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]========== LOP Check ==========[2013/12/07 17:34:04 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Autodesk[2014/03/03 00:04:38 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AVG[2014/03/02 23:49:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AVG2014[2013/11/16 16:26:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Awesomium[2014/01/27 20:29:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Battle.net[2014/01/26 16:40:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Convert Audio Free[2014/01/26 18:14:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Free Picture Solutions[2013/12/02 14:25:57 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Kits[2013/11/17 19:16:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LolClient[2014/02/11 18:58:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Lunaweb[2013/12/02 14:29:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Luxology[2013/11/22 14:18:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mirillis[2013/11/30 18:58:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice[2014/01/05 06:23:39 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Origin[2014/03/01 19:08:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PCFixKit[2014/01/21 11:27:43 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PDAppFlex[2013/11/17 03:08:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Publish Providers[2013/11/17 16:45:00 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Riot Games[2013/11/22 02:39:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SecondLife[2014/03/03 00:10:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sony[2013/12/15 21:21:28 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sony Creative Software Inc[2013/11/19 16:02:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sytexis Software[2014/01/13 03:07:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TS3Client[2014/03/02 23:48:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TuneUp Software[2013/12/03 16:59:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Unity[2014/03/02 20:00:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent========== Purity Check ==================== Custom Scans ==========< %SYSTEMDRIVE%\*.* >[2014/03/01 19:03:52 | 000,000,000 | ---- | M] () -- C:\autoexec.bat[2014/03/03 03:17:11 | 000,003,560 | ---- | M] () -- C:\bootsqm.dat[2014/03/01 23:31:17 | 000,014,152 | ---- | M] () -- C:\ComboFix.txt[2014/03/03 03:17:57 | 2132,959,231 | -HS- | M] () -- C:\hiberfil.sys[2014/03/03 03:17:57 | 4275,605,503 | -HS- | M] () -- C:\pagefile.sys< %SYSTEMDRIVE%\*. >[2014/03/02 23:48:22 | 000,000,000 | -H-D | M] -- C:\$AVG[2014/03/01 23:31:21 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN[2013/11/21 13:19:29 | 000,000,000 | ---D | M] -- C:\.jagex_cache_32[2014/03/02 03:32:06 | 000,000,000 | ---D | M] -- C:\AdwCleaner[2013/12/07 00:18:22 | 000,000,000 | ---D | M] -- C:\Autodesk[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings[2013/11/19 16:00:28 | 000,000,000 | ---D | M] -- C:\Fraps[2014/03/02 14:58:21 | 000,000,000 | ---D | M] -- C:\FRST[2009/07/13 22:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs[2014/03/01 19:03:29 | 000,000,000 | R--D | M] -- C:\Program Files[2014/03/03 00:12:15 | 000,000,000 | R--D | M] -- C:\Program Files (x86)[2014/03/03 00:01:48 | 000,000,000 | ---D | M] -- C:\ProgramData[2014/03/01 23:31:19 | 000,000,000 | ---D | M] -- C:\Qoobox[2013/11/16 14:40:28 | 000,000,000 | ---D | M] -- C:\Recovery[2013/11/17 16:46:42 | 000,000,000 | ---D | M] -- C:\Riot Games[2014/03/03 05:36:33 | 000,000,000 | -HSD | M] -- C:\System Volume Information[2014/01/15 10:08:45 | 000,000,000 | ---D | M] -- C:\UDK[2013/11/16 14:40:31 | 000,000,000 | R--D | M] -- C:\Users[2013/11/19 15:49:58 | 000,000,000 | ---D | M] -- C:\UtilityOnlineMarch09[2014/03/03 00:01:30 | 000,000,000 | ---D | M] -- C:\Windows< %USERPROFILE%\*.* >[2014/01/09 06:33:59 | 000,000,023 | ---- | M] () -- C:\Users\Chris\jagexappletviewer.preferences[2014/01/09 06:10:15 | 000,000,044 | ---- | M] () -- C:\Users\Chris\jagex_cl_runescape_LIVE.dat[2014/03/03 06:19:11 | 002,883,584 | -HS- | M] () -- C:\Users\Chris\NTUSER.DAT[2014/03/03 06:19:11 | 000,262,144 | -HS- | M] () -- C:\Users\Chris\ntuser.dat.LOG1[2013/11/16 14:40:31 | 000,000,000 | -HS- | M] () -- C:\Users\Chris\ntuser.dat.LOG2[2013/11/16 14:42:26 | 000,065,536 | -HS- | M] () -- C:\Users\Chris\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf[2013/11/16 14:42:26 | 000,524,288 | -HS- | M] () -- C:\Users\Chris\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms[2013/11/16 14:42:26 | 000,524,288 | -HS- | M] () -- C:\Users\Chris\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms[2013/11/16 14:40:31 | 000,000,020 | -HS- | M] () -- C:\Users\Chris\ntuser.ini[2014/01/09 07:32:51 | 000,000,024 | ---- | M] () -- C:\Users\Chris\random.dat< %USERPROFILE%\*. >[2013/11/16 14:40:31 | 000,000,000 | -H-D | M] -- C:\Users\Chris\AppData[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\Application Data[2014/02/18 01:22:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\ClipConverter[2013/11/17 12:35:09 | 000,000,000 | R--D | M] -- C:\Users\Chris\Contacts[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\Cookies[2014/03/03 06:12:15 | 000,000,000 | R--D | M] -- C:\Users\Chris\Desktop[2014/03/02 01:40:04 | 000,000,000 | R--D | M] -- C:\Users\Chris\Documents[2014/03/03 06:12:03 | 000,000,000 | R--D | M] -- C:\Users\Chris\Downloads[2013/11/17 12:35:09 | 000,000,000 | R--D | M] -- C:\Users\Chris\Favorites[2013/11/21 13:19:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\jagexcache[2013/11/17 12:35:09 | 000,000,000 | R--D | M] -- C:\Users\Chris\Links[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\Local Settings[2014/02/28 00:03:36 | 000,000,000 | R--D | M] -- C:\Users\Chris\Music[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\My Documents[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\NetHood[2014/03/02 18:53:21 | 000,000,000 | R--D | M] -- C:\Users\Chris\Pictures[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\PrintHood[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\Recent[2014/03/02 00:24:00 | 000,000,000 | R--D | M] -- C:\Users\Chris\Saved Games[2014/01/09 06:09:58 | 000,000,000 | R--D | M] -- C:\Users\Chris\Searches[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\SendTo[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\Start Menu[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\Templates[2014/02/26 14:45:44 | 000,000,000 | R--D | M] -- C:\Users\Chris\Videos< %USERPROFILE%\*.exe /s >[2013/06/04 23:47:02 | 000,142,576 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Chris\AppData\Local\Akamai\admintool.exe[2013/06/05 00:55:50 | 004,415,736 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Chris\AppData\Local\Akamai\ControlPanel.exe[2013/11/17 17:25:31 | 010,028,936 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Chris\AppData\Local\Akamai\netsession_installer.exe[2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe[2013/06/05 01:01:50 | 006,339,816 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Chris\AppData\Local\Akamai\rswinui.exe[2013/06/05 01:01:50 | 002,244,336 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Chris\AppData\Local\Akamai\uninstall.exe[2014/02/22 23:10:58 | 000,064,384 | ---- | M] (Google) -- C:\Users\Chris\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe[2014/02/22 23:11:10 | 000,150,400 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Google Talk Plugin\reporter.exe[2013/12/12 01:54:48 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe[2014/02/16 10:27:12 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe[2014/02/16 10:27:12 | 000,273,800 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe[2014/02/16 10:27:12 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\GoogleUpdate.exe[2014/02/16 10:27:12 | 000,051,080 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\GoogleUpdateBroker.exe[2014/02/16 10:27:12 | 000,051,080 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe[2014/01/30 21:59:00 | 000,847,640 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\1.3.22.5\GoogleUpdateSetup.exe[2014/01/30 21:59:00 | 000,847,640 | ---- | M] (Google Inc.) -- C:\Users\Chris\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe[2013/12/02 14:20:30 | 000,125,334 | ---- | M] () -- C:\Users\Chris\AppData\Local\Luxology\modo\701\58358\uninstall.exe[2014/01/05 22:32:36 | 000,280,904 | ---- | M] () -- C:\Users\Chris\AppData\Local\PunkBuster\BF3\pb\PnkBstrB.exe[2013/09/27 13:40:02 | 000,226,592 | ---- | M] () -- C:\Users\Chris\AppData\Local\Skillbrains\lightshot\LightShot.exe[2013/11/16 17:07:37 | 001,535,776 | ---- | M] () -- C:\Users\Chris\AppData\Local\Skillbrains\lightshot\unins000.exe[2013/09/27 13:39:50 | 000,313,120 | ---- | M] (Skillbrains) -- C:\Users\Chris\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exe[2014/03/02 20:57:51 | 024,039,048 | ---- | M] (Mozilla) -- C:\Users\Chris\AppData\Local\Temp\6_Offer_20.exe[2014/03/03 03:36:07 | 000,510,848 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Chris\AppData\Local\Temp\AKGCJMV.exe[2014/03/02 20:57:19 | 001,365,784 | ---- | M] (@@@) -- C:\Users\Chris\AppData\Local\Temp\DM1393811819.exe[2014/03/03 03:36:35 | 000,514,944 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Chris\AppData\Local\Temp\LDYDB.exe[2014/03/03 04:04:58 | 000,433,024 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Chris\AppData\Local\Temp\MVOZ.exe[74 C:\Users\Chris\AppData\Local\Temp\*.tmp files -> C:\Users\Chris\AppData\Local\Temp\*.tmp -> ][2014/03/02 20:52:32 | 010,165,280 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\26cff349-121a-4dac-b684-3df883f2df20\software\Installer.exe[2014/03/02 20:53:39 | 034,829,472 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Chris\AppData\Local\Temp\26cff349-121a-4dac-b684-3df883f2df20\software\SkypeSetupFull.exe[2014/03/02 23:45:29 | 004,462,392 | ---- | M] (AVG Technologies) -- C:\Users\Chris\AppData\Local\Temp\pgkkdko9.tmp\avg_isct_stb_all_2014_4335.exe[2014/03/02 20:57:12 | 000,108,024 | ---- | M] () -- C:\Users\Chris\AppData\Local\Temp\w45qp3mh.tmp\Firefox.exe[2013/12/03 16:56:40 | 000,644,396 | ---- | M] (Unity Technologies ApS) -- C:\Users\Chris\AppData\Local\Unity\WebPlayer\Uninstall.exe[2014/02/04 20:43:02 | 000,640,024 | ---- | M] (Digital Extremes) -- C:\Users\Chris\AppData\Local\Warframe\Downloaded\Dev\Tools\Launcher.exe[2014/03/02 18:26:33 | 000,537,432 | ---- | M] (Microsoft Corporation) -- C:\Users\Chris\AppData\Local\Warframe\Downloaded\Public\Drivers\DirectX9\DXSETUP.exe[2014/02/04 20:43:02 | 000,640,024 | ---- | M] (Digital Extremes) -- C:\Users\Chris\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe[2014/02/04 20:43:02 | 000,640,024 | ---- | M] (Digital Extremes) -- C:\Users\Chris\AppData\Local\Warframe\Downloaded\Test\Tools\Launcher.exe[2014/01/15 09:35:33 | 000,145,408 | ---- | M] () -- C:\Users\Chris\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe[2013/11/25 13:07:56 | 000,740,936 | ---- | M] (Unity Technologies ApS) -- C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\UnityBugReporter.exe[2013/11/25 13:07:54 | 000,581,192 | ---- | M] (Unity Technologies ApS) -- C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\UnityWebPlayerUpdate.exe[2014/02/28 16:47:49 | 000,580,096 | ---- | M] (Microsoft) -- C:\Users\Chris\AppData\Roaming\Adobe\WmiPrv\WmiPrvSE.exe[2012/09/10 12:05:05 | 000,020,480 | ---- | M] (Lunaweb Ltd.) -- C:\Users\Chris\AppData\Roaming\Lunaweb\ClipConverter\ClipConverter.exe[2012/08/21 20:13:17 | 020,045,312 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Lunaweb\ClipConverter\data\bin\ffmpeg.exe[2012/10/20 10:51:19 | 005,049,704 | ---- | M] (Joyent, Inc) -- C:\Users\Chris\AppData\Roaming\Lunaweb\ClipConverter\data\bin\node.exe[2014/03/02 18:26:01 | 000,011,502 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{2937C578-0CDD-4936-A869-912FD029436E}\Launcher.exe[2013/11/22 14:18:32 | 000,087,182 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_09912A6E70625970AC72AF.exe[2013/11/22 14:18:32 | 000,009,662 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_1A67533F0F4D8CFF9EA64A.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_1E02B3D8732010A792DC8B.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_21F3885A18D238E15AAE81.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_415493353D745EEA216D94.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_6FEFF9B68218417F98F549.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_806048DC66200FE6D24FF3.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_85972F4A73DF7EADFBAFC2.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_934312A2105DE40686D86A.exe[2013/11/22 14:18:32 | 000,087,182 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_A4F3F1A9C4AF386B556FEA.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_A753214149FB4F8721C1CB.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_A7A1F24988209FFD6FF84A.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_C7EFEC170C2E3BE8B9D183.exe[2013/11/22 14:18:32 | 000,087,182 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_CDA0188CE4AD2FE79AB186.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_CF15DB293FB3ABD44856FB.exe[2013/11/22 14:18:32 | 000,087,182 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_D65D4A8C83A3E44545A2D1.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_D707CE1C009F1381803C2C.exe[2013/11/22 14:18:32 | 000,287,934 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{8B4A6011-BB10-4918-B561-3F6CF5712B37}\_FD8B6BA922FF5C34868F02.exe[2013/11/21 13:19:02 | 000,009,662 | R--- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}\launcher.exe[2013/11/16 17:03:34 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe[2013/11/16 17:03:34 | 001,142,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\Chris\AppData\Roaming\uTorrent\updates\3.3.2_30303.exe[2013/11/21 00:04:40 | 002,799,296 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Chris\Desktop\procexp.exe[2013/10/30 23:05:10 | 044,543,488 | ---- | M] () -- C:\Users\Chris\Desktop\3D-Coat-V4\3D-CoatDX64C.exe[2013/10/30 23:05:08 | 043,992,576 | ---- | M] () -- C:\Users\Chris\Desktop\3D-Coat-V4\3D-CoatDX64S.exe[2013/10/30 23:05:10 | 038,345,728 | ---- | M] () -- C:\Users\Chris\Desktop\3D-Coat-V4\3D-CoatGL64C.exe[2013/10/30 23:05:10 | 037,808,640 | ---- | M] () -- C:\Users\Chris\Desktop\3D-Coat-V4\3D-CoatGL64S.exe[2008/06/19 01:14:18 | 000,056,832 | ---- | M] () -- C:\Users\Chris\Desktop\3D-Coat-V4\SetAdminShortcut.exe[2013/10/30 23:01:00 | 000,162,581 | ---- | M] () -- C:\Users\Chris\Desktop\3D-Coat-V4\Uninstall.exe[2002/02/11 00:53:58 | 000,006,144 | R--- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V01 - General Textures\winopen.exe[2002/02/10 18:53:58 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V04 - Humans and Creatures\winopen.exe[2002/02/10 18:53:58 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V05 - Dirt and Grafitti\winopen.exe[2004/07/14 14:31:32 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V06 - Clean Textures\winopen.exe[2004/07/22 16:12:36 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V07 - Sci-fi\winopen.exe[2002/02/11 01:53:58 | 000,006,144 | R--- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V09 - Ancient Tribes & Civilisations\winopen.exe[2005/11/05 22:13:13 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V10 - Trees and Plants\winopen.exe[2005/02/11 11:44:58 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V11 - Alien Organic\winopen.exe[2005/02/11 12:02:30 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V12 - Textures from around the World 1\winopen.exe[2005/02/11 12:17:00 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V13 - Textures from around the World 2\winopen.exe[2005/11/05 22:28:58 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V14 - Fantasy\winopen.exe[2002/02/10 22:53:58 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V15 - Toon Textures\winopen.exe[2002/02/10 22:53:58 | 000,006,144 | ---- | M] () -- C:\Users\Chris\Desktop\3DTotal Total Textures 1-16\Total Textures V15 - Toon Textures\Total Textures V15 - Toon Textures\winopen.exe[2014/03/01 19:56:43 | 001,244,192 | ---- | M] () -- C:\Users\Chris\Desktop\Clean\AdwCleaner.exe[2014/03/03 05:00:54 | 005,185,084 | ---- | M] (Swearware) -- C:\Users\Chris\Desktop\Clean\ComboFix.exe[2014/03/02 14:47:36 | 002,156,544 | ---- | M] (Farbar) -- C:\Users\Chris\Desktop\Clean\FRST64.exe[2013/01/01 16:53:58 | 005,431,296 | ---- | M] (Monolith Productions, Inc.) -- C:\Users\Chris\Desktop\F.E.A.R\FEARMP.exe[2013/09/20 07:13:38 | 000,475,136 | ---- | M] () -- C:\Users\Chris\Desktop\OpenOffice 4.0.1 (en-US) Installation Files\setup.exe[2013/09/20 07:13:38 | 005,207,896 | ---- | M] (Microsoft Corporation) -- C:\Users\Chris\Desktop\OpenOffice 4.0.1 (en-US) Installation Files\redist\vcredist_x64.exe[2013/09/20 07:13:38 | 004,479,832 | ---- | M] (Microsoft Corporation) -- C:\Users\Chris\Desktop\OpenOffice 4.0.1 (en-US) Installation Files\redist\vcredist_x86.exe[2012/08/01 06:34:16 | 005,185,536 | ---- | M] () -- C:\Users\Chris\Desktop\Playstation 2\pcsx2-r5350.exe[2007/08/27 21:47:37 | 001,912,832 | R--- | M] () -- C:\Users\Chris\Desktop\Playstation\psxfin.exe[2007/07/22 23:06:30 | 000,155,648 | R--- | M] () -- C:\Users\Chris\Desktop\Playstation\utils\cdztool.exe[2013/12/28 04:55:00 | 002,046,484 | ---- | M] () -- C:\Users\Chris\Desktop\Pokemmo\PokeMMO.exe[2013/07/31 13:08:14 | 002,799,296 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Chris\Desktop\Process Explorer\procexp.exe[2013/11/27 17:10:32 | 011,276,800 | ---- | M] () -- C:\Users\Chris\Desktop\Ragsoul\Ragsoul_Game\Ragsoul_Game\Rag_game.exe[2013/09/05 08:25:44 | 000,170,080 | ---- | M] (NirSoft) -- C:\Users\Chris\Desktop\Shell Extension\shexview.exe[2013/02/15 22:28:40 | 021,394,944 | ---- | M] () -- C:\Users\Chris\Desktop\StreetFighter\Converter\bin\ffmpeg.exe[2013/02/16 16:10:50 | 002,970,624 | ---- | M] () -- C:\Users\Chris\Desktop\StreetFighter\Converter\bin\ffmpegwrapper.exe[2013/02/15 22:28:40 | 021,330,944 | ---- | M] () -- C:\Users\Chris\Desktop\StreetFighter\Converter\bin\ffplay.exe[2013/02/15 22:28:40 | 021,339,136 | ---- | M] () -- C:\Users\Chris\Desktop\StreetFighter\Converter\bin\ffprobe.exe[2008/10/24 19:10:40 | 000,880,640 | ---- | M] (USC Institute For Creative Technologies) -- C:\Users\Chris\Desktop\Text and Lighting\HDRShop.exe[2014/01/21 12:05:56 | 1874,254,921 | ---- | M] () -- C:\Users\Chris\Desktop\TO\ADOBE PHOTOSHOP CS6 EXTENDED EDITION INSTALLER PACK-2010kaiser.exe[2013/11/28 07:07:50 | 154,348,096 | ---- | M] (Online Media Technologies Ltd. ) -- C:\Users\Chris\Desktop\TO\AVS Video Editor 6.4.1.240 Incl Patch (MPT) - KurdTM\AVS.Video.Editor.6.4.1.240.exe[2013/12/02 13:55:19 | 200,701,864 | ---- | M] () -- C:\Users\Chris\Desktop\TO\LUXOLOGY_MODO_V7.0.1-XFORCE\MODO_701_win.exe[2013/12/02 13:54:20 | 000,344,064 | ---- | M] () -- C:\Users\Chris\Desktop\TO\LUXOLOGY_MODO_V7.0.1-XFORCE\Crack\XF-Modo701-KG.exe[2013/11/19 16:33:30 | 070,284,386 | ---- | M] (ChattChitto RG©) -- C:\Users\Chris\Desktop\TO\SnagIt v11.0.0.207 + Serials [ChattChitto RG]\SnagIt v11.0.0.207 + Serials [ChattChitto RG].exe[2014/01/16 14:42:41 | 232,464,368 | ---- | M] (Sony Creative Software Inc.) -- C:\Users\Chris\Desktop\TO\Sony Vegas Pro 12 Build 367 (64 bit patch-KHG) [ChingLiu]\vegaspro12.0.367.exe[2007/12/09 16:44:02 | 000,020,480 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\claunch-uvlayout.exe[2007/12/09 16:44:02 | 000,020,480 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\claunch.exe[2007/12/09 17:00:04 | 000,708,608 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\cyeatP.exe[2007/12/09 16:50:22 | 000,258,048 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\cysliceP.exe[2007/12/09 16:44:06 | 000,024,576 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\headush.exe[2007/12/09 16:44:20 | 000,049,152 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\hfilesel.exe[2007/12/09 16:45:12 | 000,200,704 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\hlmanager.exe[2007/12/09 16:44:32 | 000,106,496 | ---- | M] (headus (metamorphosis) Pty Ltd) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\howin32.exe[2007/12/09 16:45:06 | 000,077,824 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\iview.exe[2007/12/09 16:45:14 | 000,053,248 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\kbstate.exe[2007/12/09 16:43:44 | 000,028,672 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\obj2ply.exe[2007/11/28 23:50:58 | 000,020,480 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\ply2dxf.exe[2007/12/09 16:43:48 | 000,024,576 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\ply2obj.exe[2007/12/09 16:43:58 | 000,053,248 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\plyop.exe[2007/12/09 16:44:42 | 000,069,632 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\plyview.exe[2007/12/09 16:44:08 | 000,020,480 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\scrsave.exe[2007/12/09 14:00:04 | 000,057,344 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\uvlayout.exe[2007/12/09 13:44:54 | 000,081,920 | ---- | M] (headus (metamorphosis)) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\vgui.exe[2007/12/24 16:19:58 | 010,393,400 | ---- | M] (headus ) -- C:\Users\Chris\Desktop\UVLayout v2 Professional\HEADUS_UVLAYOUT_V2.00.05_PRO\iuvlayout-pro-2.00.05.exe[2013/04/29 02:30:46 | 013,592,144 | ---- | M] (Blizzard Entertainment) -- C:\Users\Chris\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\MonsterWoW-x64.exe[2012/04/16 11:52:22 | 000,083,024 | ---- | M] () -- C:\Users\Chris\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\MovieProxy.exe[2013/11/27 15:22:33 | 006,396,128 | ---- | M] (Blizzard Entertainment) -- C:\Users\Chris\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\World of Warcraft - Cataclysm 4.3.4 (15595)\BackgroundDownloader.exe[2013/11/27 14:01:44 | 010,474,064 | ---- | M] (Blizzard Entertainment) -- C:\Users\Chris\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\World of Warcraft - Cataclysm 4.3.4 (15595)\Wow.exe[2013/11/27 13:55:24 | 000,092,240 | ---- | M] () -- C:\Users\Chris\Desktop\World of Warcraft - Cataclysm 4.3.4 (15595)\World of Warcraft - Cataclysm 4.3.4 (15595)\WowError.exe[2014/03/03 00:00:14 | 078,353,832 | ---- | M] (AVG) -- C:\Users\Chris\Downloads\avg_tuh_stf_all_2014_295_24c4.exe[2011/11/11 14:33:54 | 000,009,728 | ---- | M] () -- C:\Users\Chris\jagexcache\jagexlauncher\bin\JagexLauncher.exe< %USERPROFILE%\Documents\*.* >[2013/11/17 12:35:09 | 000,000,402 | -HS- | M] () -- C:\Users\Chris\Documents\desktop.ini[2013/11/19 16:05:34 | 000,001,362 | ---- | M] () -- C:\Users\Chris\Documents\DSRecorder.txt[2013/11/16 18:07:00 | 000,112,820 | ---- | M] () -- C:\Users\Chris\Documents\Install STAR WARS The Old Republic.log[2013/12/16 11:16:43 | 000,003,004 | ---- | M] () -- C:\Users\Chris\Documents\Register Vegas Pro.htm< %USERPROFILE%\Downloads\*.* >[2014/03/03 00:00:14 | 078,353,832 | ---- | M] (AVG) -- C:\Users\Chris\Downloads\avg_tuh_stf_all_2014_295_24c4.exe[2013/11/17 12:35:09 | 000,000,282 | -HS- | M] () -- C:\Users\Chris\Downloads\desktop.ini< %USERPROFILE%\AppData\Local\*.* >[2014/01/21 12:19:13 | 000,083,856 | ---- | M] () -- C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT[2014/03/03 00:39:49 | 005,157,258 | -H-- | M] () -- C:\Users\Chris\AppData\Local\IconCache.db[2014/03/01 20:05:30 | 000,000,017 | ---- | M] () -- C:\Users\Chris\AppData\Local\resmon.resmoncfg[2013/11/16 17:07:42 | 000,000,003 | ---- | M] () -- C:\Users\Chris\AppData\Local\updater.log[2013/11/16 17:07:43 | 000,000,441 | ---- | M] () -- C:\Users\Chris\AppData\Local\UserProducts.xml< %USERPROFILE%\AppData\Local\*. >[2014/03/02 03:30:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Adobe[2014/01/21 12:11:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Adobe Tool[2013/11/17 17:25:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Akamai[2013/11/17 16:42:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Apple[2013/12/03 16:57:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Apple Computer[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Local\Application Data[2014/03/01 22:05:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\assembly[2013/11/18 19:22:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Autodesk[2014/03/02 23:52:24 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Avg2014[2013/11/20 13:22:24 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\backburner[2014/01/29 17:16:00 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Battle.net[2014/01/27 20:47:02 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Blizzard[2014/01/27 20:20:42 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Blizzard Entertainment[2013/11/17 12:44:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Corel_Corporation[2014/03/03 04:05:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\CrashDumps[2014/03/02 19:45:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Diagnostics[2014/02/28 02:52:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\DriverToolkit[2014/03/02 19:45:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\ElevatedDiagnostics[2014/01/05 22:32:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\ESN[2014/01/26 18:14:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Free Picture Solutions[2014/01/30 14:21:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google[2014/02/16 11:40:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\headus[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Local\History[2013/12/02 14:20:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Luxology[2013/11/16 15:37:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Macromedia[2014/03/02 23:45:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\MFAData[2014/01/30 12:00:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Microsoft[2014/02/24 18:46:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Mirillis[2013/11/27 02:32:12 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Mozilla[2014/01/05 22:28:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Origin[2013/12/12 03:24:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\PMB Files[2013/11/16 17:07:38 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Programs[2014/01/05 22:32:33 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\PunkBuster[2013/11/22 02:50:05 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\SecondLife[2013/11/16 17:07:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Skillbrains[2014/03/02 20:54:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Skype[2013/11/17 03:08:01 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Sony[2013/11/16 20:07:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\SWTOR[2013/11/16 18:08:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\SWTORPerf[2013/11/19 16:21:50 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\TechSmith[2014/03/03 06:18:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Temp[2013/11/16 14:40:31 | 000,000,000 | -HSD | M] -- C:\Users\Chris\AppData\Local\Temporary Internet Files[2013/12/03 16:57:06 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Unity[2013/11/17 16:51:38 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\VirtualStore[2014/03/02 18:55:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Warframe< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\Default\*.* >[2013/12/12 01:50:30 | 000,001,023 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Bookmarks[2013/12/12 01:50:30 | 000,001,023 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak[2014/03/03 00:11:03 | 000,008,192 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies[2014/02/09 13:04:20 | 000,038,912 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Favicons[2014/01/27 17:57:20 | 000,181,623 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico[2014/03/03 00:11:03 | 000,094,208 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\History[2013/12/12 01:50:26 | 000,018,432 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Login Data[2014/03/01 18:59:41 | 000,019,456 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs[2014/03/02 20:56:29 | 000,062,854 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\preferences[2014/01/27 17:59:30 | 000,013,312 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\QuotaManager[2013/12/12 01:50:10 | 000,000,180 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\README[2014/03/02 20:52:55 | 000,000,032 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Reset Prompt Memento[2014/03/01 18:59:37 | 000,012,288 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Shortcuts[2014/01/27 17:59:08 | 000,000,324 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity[2014/03/03 00:11:04 | 000,077,824 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web Data[2014/03/02 20:52:55 | 000,081,920 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web Data.temp< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\Default\*. >[2014/03/01 18:59:28 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cache[2014/03/01 18:59:28 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\databases[2014/02/09 13:03:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extension Rules[2014/02/27 16:03:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions[2013/12/12 01:49:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\GPUCache[2014/01/27 17:59:00 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\IndexedDB[2013/12/19 18:13:53 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons[2013/12/19 18:13:53 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld[2014/02/28 08:01:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\kgbfdabplphfafenmofiofilgeglfbcp[2014/03/01 18:59:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage[2013/12/19 18:13:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Media Cache[2013/12/12 01:50:07 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Pepper Data[2014/02/09 13:04:06 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Session Storage[2014/03/01 18:59:28 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Sync Data[2013/12/12 01:49:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets< %USERPROFILE%\AppData\Local\temp\*.exe >[2014/03/02 20:57:51 | 024,039,048 | ---- | M] (Mozilla) -- C:\Users\Chris\AppData\Local\temp\6_Offer_20.exe[2014/03/03 03:36:07 | 000,510,848 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Chris\AppData\Local\temp\AKGCJMV.exe[2014/03/02 20:57:19 | 001,365,784 | ---- | M] (@@@) -- C:\Users\Chris\AppData\Local\temp\DM1393811819.exe[2014/03/03 03:36:35 | 000,514,944 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Chris\AppData\Local\temp\LDYDB.exe[2014/03/03 04:04:58 | 000,433,024 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Chris\AppData\Local\temp\MVOZ.exe[74 C:\Users\Chris\AppData\Local\temp\*.tmp files -> C:\Users\Chris\AppData\Local\temp\*.tmp -> ]< %USERPROFILE%\AppData\Roaming\*.* >[2014/02/11 22:15:06 | 000,000,132 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Adobe PNG Format CS6 Prefs[2014/02/25 18:24:49 | 000,000,132 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Adobe Targa Format CS6 Prefs[2014/01/26 16:46:49 | 000,000,020 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\SoundCloudDownloaderSettings.ini[2013/11/19 16:08:06 | 000,000,096 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\version2.xml< %USERPROFILE%\AppData\Roaming\*. >[2014/03/01 22:05:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Adobe[2013/12/03 16:57:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Apple Computer[2013/12/07 17:34:04 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Autodesk[2014/03/03 00:04:38 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AVG[2014/03/02 23:49:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AVG2014[2013/11/28 07:13:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AVS4YOU[2013/11/16 16:26:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Awesomium[2014/01/27 20:29:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Battle.net[2014/01/26 16:40:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Convert Audio Free[2013/11/17 12:44:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Corel Corporation[2013/11/17 12:44:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\FLEXnet[2014/01/26 18:14:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Free Picture Solutions[2013/11/16 14:40:36 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Identities[2013/12/02 14:25:57 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Kits[2013/11/17 19:16:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LolClient[2014/02/11 18:58:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Lunaweb[2013/12/02 14:29:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Luxology[2013/11/16 15:37:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Macromedia[2014/01/18 14:41:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Malwarebytes[2010/11/21 02:16:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Media Center Programs[2013/12/16 11:13:28 | 000,000,000 | --SD | M] -- C:\Users\Chris\AppData\Roaming\Microsoft[2013/11/22 14:18:32 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mirillis[2014/02/26 19:35:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Mozilla[2013/11/18 19:25:38 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\NVIDIA[2013/11/30 18:58:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice[2014/01/05 06:23:39 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Origin[2014/03/01 19:08:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PCFixKit[2014/01/21 11:27:43 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PDAppFlex[2013/11/17 03:08:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Publish Providers[2013/11/17 16:45:00 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Riot Games[2013/11/17 12:44:48 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Roxio[2013/11/16 16:23:02 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Roxio Log Files[2013/11/22 02:39:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SecondLife[2013/11/17 15:52:47 | 000,000,000 | RH-D | M] -- C:\Users\Chris\AppData\Roaming\SecuROM[2014/03/03 06:18:03 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Skype[2014/03/03 00:10:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sony[2013/12/15 21:21:28 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sony Creative Software Inc[2013/11/19 16:02:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sytexis Software[2014/01/13 03:07:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TS3Client[2014/03/02 23:48:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TuneUp Software[2013/12/03 16:59:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Unity[2014/03/02 20:00:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent[2013/11/27 01:53:35 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\WinRAR< %ProgramData%\*.* >< %ProgramData%\*. >[2014/03/02 20:40:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe[2013/11/17 16:42:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple[2013/11/17 16:42:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data[2013/12/07 17:34:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Autodesk[2014/03/03 00:06:14 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG[2014/03/03 00:10:30 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG2014[2013/11/28 07:13:40 | 000,000,000 | ---D | M] -- C:\ProgramData\AVS4YOU[2013/11/27 04:40:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Battle.net[2013/11/27 02:15:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Blizzard[2014/01/27 20:20:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Blizzard Entertainment[2014/03/02 23:45:32 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents[2014/01/05 22:28:58 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core[2014/01/05 22:32:17 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Logs[2014/01/05 22:28:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites[2013/11/18 19:22:31 | 000,000,000 | ---D | M] -- C:\ProgramData\FLEXnet[2014/02/18 13:28:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Freemake[2013/11/16 16:25:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Hi-Rez Studios[2013/11/16 16:29:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Macrovision[2014/01/18 14:40:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes[2013/12/14 03:58:25 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee[2014/03/03 04:47:49 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData[2014/03/02 20:20:44 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft[2013/11/22 14:18:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Mirillis[2013/11/16 15:07:48 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla[2014/03/03 03:18:15 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA[2013/11/07 14:33:34 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation[2014/01/15 09:36:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle[2014/02/18 15:12:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin[2014/02/28 07:35:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache[2013/12/12 03:24:46 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files[2013/11/25 00:11:20 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe[2013/11/16 16:30:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Roxio[2014/03/02 20:53:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype[2013/11/16 16:30:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Sonic[2014/01/16 14:44:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Sony[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu[2014/01/11 03:51:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun[2013/11/19 16:41:42 | 000,000,000 | ---D | M] -- C:\ProgramData\TechSmith[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates[2013/11/16 16:30:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Uninstall[2013/12/03 16:59:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Unity[2014/03/03 00:10:24 | 000,000,000 | -HSD | M] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}< %programdata%\Microsoft\Windows\DRM\*.tmp >< %programdata%\Microsoft\DRM\*.tmp >< C:\Users\All Users\*.exe /s >[2013/11/27 04:40:23 | 000,428,592 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Agent.exe[2013/11/27 04:40:23 | 001,620,016 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Blizzard Uninstaller.exe[2013/11/27 04:40:23 | 000,333,360 | ---- | M] (Blizzard Entertainment, Inc.) -- C:\Users\All Users\Battle.net\Agent\BlizzardError.exe[2013/11/27 04:40:18 | 000,499,712 | ---- | M] (Blizzard Entertainment, Inc.) -- C:\Users\All Users\Battle.net\Agent\ErrorReporter.exe[2013/11/27 04:40:18 | 005,845,624 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Agent.1040\Agent.exe[2013/11/27 04:40:23 | 006,259,248 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Agent.2380\Agent.exe[2014/01/27 20:19:22 | 008,830,512 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Agent\Agent.beta.2581\Agent.exe[2013/11/27 04:40:38 | 000,533,184 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Client\Blizzard Launcher.exe[2013/11/27 04:40:27 | 017,735,288 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Client\Blizzard Launcher.1682\Blizzard Launcher.exe[2013/11/27 04:40:38 | 019,252,784 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Client\Blizzard Launcher.2005\Blizzard Launcher.exe[2013/11/27 12:21:07 | 001,842,736 | ---- | M] (Blizzard Entertainment) -- C:\Users\All Users\Battle.net\Setup\wow_engb\World of Warcraft Setup.exe[2010/05/21 13:40:24 | 001,406,320 | ---- | M] (Flexera Software, Inc.) -- C:\Users\All Users\FLEXnet\Connect\11\agent.exe[2010/05/21 13:40:26 | 000,443,760 | ---- | M] (Flexera Software, Inc.) -- C:\Users\All Users\FLEXnet\Connect\11\ISDM.exe[2010/05/21 13:40:28 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\Users\All Users\FLEXnet\Connect\11\issch.exe[2010/05/21 13:40:26 | 000,324,976 | ---- | M] (Flexera Software, Inc.) -- C:\Users\All Users\FLEXnet\Connect\11\ISUSPM.exe[2010/05/21 13:40:38 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\Users\All Users\Macrovision\FLEXnet Connect\11\agent.exe[2010/05/21 13:40:36 | 000,746,864 | ---- | M] (Flexera Software, Inc.) -- C:\Users\All Users\Macrovision\FLEXnet Connect\6\agent.exe[2014/02/28 07:34:55 | 000,453,872 | ---- | M] (Microsoft Corporation) -- C:\Users\All Users\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe[2013/11/16 16:23:47 | 005,843,600 | ---- | M] (Corel Corporation) -- C:\Users\All Users\Uninstall\{2DD84AB2-8BF4-49FA-9D62-E3F93D4F56FB}\setup.exe[2009/07/14 00:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT[2009/07/14 00:08:49 | 000,032,538 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT[2013/11/16 15:37:30 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job[2013/11/16 17:07:42 | 000,000,388 | ---- | C] () -- C:\Windows\Tasks\update-sys.job[2013/11/16 17:07:43 | 000,000,388 | ---- | C] () -- C:\Windows\Tasks\update-S-1-5-21-662125380-580819888-2351019072-1000.job[2013/12/12 01:48:35 | 000,000,892 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job[2013/12/12 01:48:36 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job[2014/01/30 14:21:18 | 000,000,856 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000Core.job[2014/01/30 14:21:19 | 000,000,908 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-662125380-580819888-2351019072-1000UA.job< C:\Users\Default\*.exe /s >< C:\Users\Public\*.exe /s >< %CommonProgramFiles%\*.* >< %CommonProgramFiles%\*. >[2014/03/02 20:40:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Adobe[2013/11/17 17:55:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Autodesk Shared[2013/11/28 07:12:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\AVSMedia[2013/11/16 18:04:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\BioWare[2014/01/29 16:41:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment[2014/02/16 12:58:47 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Common Files\EAInstaller[2014/01/29 16:53:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\InstallShield[2014/01/11 03:51:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Java[2013/11/16 15:21:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\microsoft shared[2013/11/16 16:29:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\PX Storage Engine[2013/11/16 16:29:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Roxio Shared[2009/07/13 22:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Services[2014/03/02 20:53:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Skype[2013/11/16 16:30:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Sonic Shared[2009/07/13 22:20:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\SpeechEngines[2014/03/02 18:31:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Steam[2013/11/17 12:31:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\System[2011/11/22 11:41:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Windows Live[2014/03/01 19:02:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard< %CommonProgramFiles%\ComObjects\*.* >< %ProgramFiles%\*.* >[2009/07/13 23:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini< %ProgramFiles%\*. >[2014/03/02 20:40:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe[2013/11/07 14:34:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies[2013/11/17 16:42:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update[2013/11/20 13:45:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Autodesk[2014/03/03 00:04:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG[2013/11/28 07:12:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVS4YOU[2014/01/27 20:20:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Battle.net[2014/01/26 16:42:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Battlelog Web Plugins[2013/12/02 14:20:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour[2013/11/16 15:11:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Capcom[2014/03/02 20:53:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files[2014/02/15 15:20:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Convert Audio Free[2014/02/28 02:54:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DriverToolkit[2013/11/16 17:09:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts[2013/11/26 21:12:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\eMu3Ds[2014/01/26 18:14:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Picture Solutions[2014/02/18 13:23:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Freemake[2014/02/01 21:32:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GameSpy Arcade[2013/12/12 01:49:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google[2014/01/29 17:12:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hearthstone[2013/11/16 16:25:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hi-Rez Studios[2014/01/29 16:55:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information[2014/02/12 21:48:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer[2014/01/15 09:36:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java[2013/11/26 00:51:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LG Electronics[2014/03/02 14:47:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware[2014/01/26 16:42:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft[2014/02/01 21:30:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games[2013/11/16 15:24:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE[2011/11/22 11:42:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight[2011/11/22 11:43:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition[2013/11/16 16:26:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET[2013/11/22 14:16:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mirillis[2014/03/03 00:05:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox[2014/03/03 00:12:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox.bak[2014/03/03 03:17:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild[2013/11/18 01:47:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0[2013/11/07 14:34:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation[2013/11/28 07:10:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice 4[2014/02/18 15:12:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin[2014/03/01 16:27:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin Games[2013/11/17 16:45:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks[2014/03/01 19:20:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PCFixKit[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies[2013/11/16 16:30:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio Game Capture HD PRO[2013/11/17 16:43:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Safari[2014/02/28 07:34:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Seagate[2013/11/21 23:05:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SecondLifeViewer[2014/01/29 16:54:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sierra[2013/11/16 17:07:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Skillbrains[2014/03/02 20:53:52 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype[2013/11/17 03:00:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony[2014/03/02 20:02:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam[2013/11/19 16:06:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sytexis Software[2013/11/19 16:41:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TechSmith[2009/07/13 23:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information[2014/03/02 20:54:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Uninstaller[2013/12/03 16:56:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Unity[2013/11/07 14:32:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VIA[2013/11/17 12:31:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender[2011/11/22 11:55:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail[2013/12/11 15:09:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer[2010/11/20 22:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar[2013/11/27 01:53:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR< %Public%\Documents\*.* >[2009/07/13 23:54:24 | 000,000,278 | -HS- | M] () -- C:\Users\Public\Documents\desktop.ini< %Public%\Documents\*. >[2013/11/16 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\Public\Documents\microsoft[2014/01/29 17:10:00 | 000,000,000 | ---D | M] -- C:\Users\Public\Documents\Monolith Productions[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Public\Documents\My Music[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Public\Documents\My Pictures[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\Users\Public\Documents\My Videos[2013/12/03 16:56:11 | 000,000,000 | ---D | M] -- C:\Users\Public\Documents\Unity Projects< %systemroot%\System32\config\systemprofile\*.exe /s >[2013/11/16 15:07:11 | 008,282,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\BingBarSetup-Partner[1].EXE< %systemroot%\System32\config\systemprofile\*.* >< %systemroot%\System32\config\systemprofile\*. >[2009/07/13 23:55:33 | 000,000,000 | --SD | M] -- C:\Windows\System32\config\systemprofile\AppData< %systemroot%\system32\config\systemprofile\AppData\Local\*.* >< %systemroot%\system32\config\systemprofile\AppData\Local\*. >[2014/03/02 23:53:08 | 000,000,000 | ---D | M] -- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014[2013/12/12 01:54:48 | 000,000,000 | ---D | M] -- C:\Windows\system32\config\systemprofile\AppData\Local\Google[2009/07/13 23:54:17 | 000,000,000 | ---D | M] -- C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft< %systemroot%\system32\config\systemprofile\AppData\Roaming\*.* >< %systemroot%\system32\config\systemprofile\AppData\Roaming\*. >[2014/03/02 23:49:30 | 000,000,000 | ---D | M] -- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG2014[2009/07/13 23:54:17 | 000,000,000 | ---D | M] -- C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft[2013/11/17 12:44:48 | 000,000,000 | ---D | M] -- C:\Windows\system32\config\systemprofile\AppData\Roaming\Roxio< %systemroot%\SysWow64\config\systemprofile\*.exe /s >[2013/11/16 15:07:11 | 008,282,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\BingBarSetup-Partner[1].EXE< %systemroot%\SysWow64\config\systemprofile\*.* >< %systemroot%\SysWow64\config\systemprofile\*. >[2009/07/13 23:55:33 | 000,000,000 | --SD | M] -- C:\Windows\SysWow64\config\systemprofile\AppData< %systemroot%\SysWOW64\config\systemprofile\AppData\Local\*.* >< %systemroot%\SysWOW64\config\systemprofile\AppData\Local\*. >[2014/03/02 23:53:08 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Avg2014[2013/12/12 01:54:48 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google[2009/07/13 23:54:17 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft< %systemroot%\SysWOW64\config\systemprofile\AppData\Roaming\*.* >< %systemroot%\SysWOW64\config\systemprofile\AppData\Roaming\*. >[2014/03/02 23:49:30 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\AVG2014[2009/07/13 23:54:17 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft[2013/11/17 12:44:48 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Roxio< %systemroot%\ServiceProfiles\*.exe /s >< %systemroot%\ServiceProfiles\LocalService\AppData\Local\*.* >[2011/11/22 11:57:21 | 000,692,696 | ---- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1889288938-2270887571-2738792734-500-12288.dat[2013/11/17 05:29:11 | 000,725,660 | ---- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-662125380-580819888-2351019072-1000-12288.dat[2013/11/16 15:25:26 | 001,666,744 | ---- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-662125380-580819888-2351019072-1000-4096.dat[2013/11/17 05:29:10 | 007,591,672 | ---- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-662125380-580819888-2351019072-1000-8192.dat[2013/11/07 14:36:06 | 000,229,488 | ---- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-662125380-580819888-2351019072-500-12288.dat[2014/03/02 03:32:14 | 001,548,120 | ---- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat[2014/03/03 03:18:15 | 000,002,048 | -HS- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat[2014/03/03 03:18:15 | 000,002,048 | -HS- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat[2014/01/18 08:21:34 | 016,777,216 | ---- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-FontFace.dat[2014/02/19 21:01:15 | 008,388,608 | ---- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-S-1-5-21-662125380-580819888-2351019072-1000.dat[2014/01/21 12:16:04 | 000,529,836 | ---- | M] () -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\~FontCache-System.dat< %systemroot%\ServiceProfiles\LocalService\AppData\Local\*. >[2013/11/16 15:03:49 | 000,000,000 | ---D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft[2013/11/16 15:00:14 | 000,000,000 | ---D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm[2013/11/22 14:12:50 | 000,000,000 | ---D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp< %systemroot%\ServiceProfiles\LocalService\AppData\Local\Temp\*.tlb >< %systemroot%\ServiceProfiles\LocalService\AppData\Roaming\*.* >< %systemroot%\ServiceProfiles\LocalService\AppData\Roaming\*. >[2013/11/17 14:36:15 | 000,000,000 | --SD | M] -- C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft[2014/02/08 17:52:13 | 000,000,000 | ---D | M] -- C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking< %systemroot%\ServiceProfiles\NetworkService\AppData\Local\*.* >< %systemroot%\ServiceProfiles\NetworkService\AppData\Local\*. >[2014/02/08 18:40:56 | 000,000,000 | ---D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft[2014/03/02 21:00:47 | 000,000,000 | ---D | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp< %systemroot%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tlb >< %systemroot%\ServiceProfiles\NetworkService\AppData\Roaming\*.* >< %systemroot%\ServiceProfiles\NetworkService\AppData\Roaming\*. >[2010/11/20 22:27:14 | 000,000,000 | --SD | M] -- C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft< %windir%\temp\*.exe >< %windir%\*. >[2014/03/01 19:17:40 | 000,000,000 | ---D | M] -- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP[2009/07/14 00:32:39 | 000,000,000 | ---D | M] -- C:\Windows\addins[2009/07/13 22:20:08 | 000,000,000 | ---D | M] -- C:\Windows\AppCompat[2014/03/01 23:26:52 | 000,000,000 | ---D | M] -- C:\Windows\AppPatch[2014/03/02 20:56:33 | 000,000,000 | R-SD | M] -- C:\Windows\assembly[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\Boot[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\Branding[2009/07/14 00:32:39 | 000,000,000 | ---D | M] -- C:\Windows\Cursors[2014/03/01 18:58:36 | 000,000,000 | ---D | M] -- C:\Windows\debug[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\diagnostics[2009/07/14 00:37:46 | 000,000,000 | ---D | M] -- C:\Windows\DigitalLocker[2009/07/14 00:32:39 | 000,000,000 | ---D | M] -- C:\Windows\Downloaded Program Files[2013/11/17 12:31:42 | 000,000,000 | ---D | M] -- C:\Windows\ehome[2011/11/22 11:44:24 | 000,000,000 | ---D | M] -- C:\Windows\en[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\en-US[2014/03/01 23:29:53 | 000,000,000 | ---D | M] -- C:\Windows\erdnt[2014/01/21 12:16:04 | 000,000,000 | R-SD | M] -- C:\Windows\Fonts[2010/11/21 02:19:27 | 000,000,000 | ---D | M] -- C:\Windows\Globalization[2013/11/07 14:33:40 | 000,000,000 | ---D | M] -- C:\Windows\Help[2009/07/14 00:37:46 | 000,000,000 | ---D | M] -- C:\Windows\IME[2014/03/02 23:48:40 | 000,000,000 | ---D | M] -- C:\Windows\inf[2014/03/03 00:05:11 | 000,000,000 | -HSD | M] -- C:\Windows\Installer[2009/07/14 00:32:39 | 000,000,000 | ---D | M] -- C:\Windows\L2Schemas[2009/07/13 21:34:24 | 000,000,000 | ---D | M] -- C:\Windows\LiveKernelReports[2014/03/02 20:00:40 | 000,000,000 | ---D | M] -- C:\Windows\Logs[2009/07/14 00:32:40 | 000,000,000 | R-SD | M] -- C:\Windows\Media[2014/02/26 02:55:04 | 000,000,000 | ---D | M] -- C:\Windows\Microsoft.NET[2014/02/24 20:26:02 | 000,000,000 | ---D | M] -- C:\Windows\Migration[2014/03/01 18:58:36 | 000,000,000 | ---D | M] -- C:\Windows\Minidump[2009/07/13 21:34:34 | 000,000,000 | ---D | M] -- C:\Windows\ModemLogs[2011/11/22 11:50:05 | 000,000,000 | -H-D | M] -- C:\Windows\msdownld.tmp[2009/07/14 00:32:40 | 000,000,000 | ---D | M] -- C:\Windows\Offline Web Pages[2013/12/19 18:10:19 | 000,000,000 | ---D | M] -- C:\Windows\panther[2011/11/22 11:42:37 | 000,000,000 | ---D | M] -- C:\Windows\PCHEALTH[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\Performance[2009/07/13 22:20:10 | 000,000,000 | ---D | M] -- C:\Windows\PLA[2013/11/19 09:20:17 | 000,000,000 | ---D | M] -- C:\Windows\PolicyDefinitions[2013/11/17 14:36:22 | 000,000,000 | ---D | M] -- C:\Windows\Prefetch[2009/07/13 22:20:11 | 000,000,000 | ---D | M] -- C:\Windows\Registration[2013/11/16 14:35:18 | 000,000,000 | ---D | M] -- C:\Windows\rescache[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\Resources[2009/07/13 21:35:47 | 000,000,000 | ---D | M] -- C:\Windows\SchCache[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\schemas[2009/07/13 22:20:10 | 000,000,000 | ---D | M] -- C:\Windows\security[2009/07/13 23:45:47 | 000,000,000 | ---D | M] -- C:\Windows\ServiceProfiles[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\servicing[2011/11/22 11:48:44 | 000,000,000 | ---D | M] -- C:\Windows\Setup[2010/11/21 02:16:47 | 000,000,000 | ---D | M] -- C:\Windows\ShellNew[2013/11/16 14:59:32 | 000,000,000 | ---D | M] -- C:\Windows\SoftwareDistribution[2010/11/21 02:06:49 | 000,000,000 | ---D | M] -- C:\Windows\Speech[2009/07/13 21:36:55 | 000,000,000 | ---D | M] -- C:\Windows\system[2014/03/03 00:04:57 | 000,000,000 | ---D | M] -- C:\Windows\System32[2014/03/03 00:04:56 | 000,000,000 | ---D | M] -- C:\Windows\SysWOW64[2009/07/13 23:57:13 | 000,000,000 | ---D | M] -- C:\Windows\TAPI[2014/01/30 14:21:19 | 000,000,000 | ---D | M] -- C:\Windows\Tasks[2014/03/03 06:19:43 | 000,000,000 | ---D | M] -- C:\Windows\temp[2009/07/13 21:34:33 | 000,000,000 | ---D | M] -- C:\Windows\tracing[2009/07/14 00:32:39 | 000,000,000 | ---D | M] -- C:\Windows\twain_32[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\Vss[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\Web[2014/02/12 21:50:25 | 000,000,000 | ---D | M] -- C:\Windows\winsxs< %windir%\AppPatch\*.exe /s >< %windir%\ShellNew\*.* >[2009/06/10 15:44:28 | 000,004,544 | ---- | M] () -- C:\Windows\ShellNew\Journal.jnt< %windir%\installer\*. >[2011/11/22 11:42:01 | 000,000,000 | -HSD | M] -- C:\Windows\installer\$PatchCache$[2014/03/02 20:53:07 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSI5BF.tmp-[2014/03/02 20:56:26 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSI5CE0.tmp-[2014/03/02 20:53:09 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSI62AE.tmp-[2014/03/02 20:56:30 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSI6A4A.tmp-[2014/03/02 20:53:12 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSI6EF2.tmp-[2014/03/02 20:56:30 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSI784F.tmp-[2014/03/02 20:56:39 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSI8859.tmp-[2014/01/26 16:40:10 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSIA9FE.tmp-[2014/03/02 20:54:41 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSICA9A.tmp-[2014/03/02 20:54:44 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSID6AF.tmp-[2014/01/26 16:40:15 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSIE5B8.tmp-[2014/03/02 20:52:41 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSIE639.tmp-[2014/01/26 16:40:50 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSIFAC1.tmp-[2014/03/02 20:52:42 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSIFC5A.tmp-[2014/03/02 20:56:23 | 000,000,000 | ---D | M] -- C:\Windows\installer\MSIFEB9.tmp-[2014/01/21 12:12:47 | 000,000,000 | ---D | M] -- C:\Windows\installer\{08D2E121-7F6A-43EB-97FD-629B44903403}[2014/02/08 15:13:59 | 000,000,000 | ---D | M] -- C:\Windows\installer\{190BC83F-D54E-4494-830E-7FB4A5F4B964}[2013/11/20 13:45:37 | 000,000,000 | ---D | M] -- C:\Windows\installer\{3D347E6D-5A03-4342-B5BA-6A771885F379}[2013/11/16 15:21:14 | 000,000,000 | ---D | M] -- C:\Windows\installer\{43430FA0-49F0-4B13-B4C5-611000008100}[2013/11/27 14:13:22 | 000,000,000 | ---D | M] -- C:\Windows\installer\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}[2014/01/26 16:41:38 | 000,000,000 | ---D | M] -- C:\Windows\installer\{4D2F193D-4725-4518-9F23-AAF5A3475875}[2013/12/17 18:40:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}[2013/11/17 17:56:08 | 000,000,000 | ---D | M] -- C:\Windows\installer\{4F5AD3FF-38C6-43FB-BB6F-8EF830DEDF16}[2013/11/17 18:02:01 | 000,000,000 | ---D | M] -- C:\Windows\installer\{5AAB972C-FF31-4B01-8445-50C42860EC02}[2013/11/19 16:21:53 | 000,000,000 | ---D | M] -- C:\Windows\installer\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}[2013/11/26 00:52:25 | 000,000,000 | ---D | M] -- C:\Windows\installer\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}[2013/11/16 16:30:55 | 000,000,000 | ---D | M] -- C:\Windows\installer\{5F187E71-93D7-4849-B5C2-1DD1747C81A7}[2013/11/16 16:30:45 | 000,000,000 | ---D | M] -- C:\Windows\installer\{69290A89-5CD6-42A2-BBD9-D1EE95A3E490}[2013/11/16 16:30:16 | 000,000,000 | ---D | M] -- C:\Windows\installer\{6FF4C560-A95B-42DE-83AD-62C8737115E9}[2014/02/01 21:32:03 | 000,000,000 | ---D | M] -- C:\Windows\installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}[2013/11/17 16:42:34 | 000,000,000 | ---D | M] -- C:\Windows\installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}[2014/03/02 20:53:52 | 000,000,000 | ---D | M] -- C:\Windows\installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}[2013/11/07 14:34:58 | 000,000,000 | ---D | M] -- C:\Windows\installer\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}[2013/11/19 16:41:44 | 000,000,000 | ---D | M] -- C:\Windows\installer\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}[2013/11/20 13:45:23 | 000,000,000 | ---D | M] -- C:\Windows\installer\{7FA8BC5D-7CE4-42F3-8EAE-32DF5BAB53A7}[2013/11/16 15:49:00 | 000,000,000 | ---D | M] -- C:\Windows\installer\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}[2013/11/18 01:47:10 | 000,000,000 | ---D | M] -- C:\Windows\installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}[2011/11/22 11:42:13 | 000,000,000 | ---D | M] -- C:\Windows\installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}[2013/11/17 18:07:48 | 000,000,000 | ---D | M] -- C:\Windows\installer\{8FC7C2B2-0F64-4B35-AA3D-2B051D009243}[2014/01/21 12:12:40 | 000,000,000 | ---D | M] -- C:\Windows\installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}[2011/11/22 11:44:01 | 000,000,000 | ---D | M] -- C:\Windows\installer\{A726AE06-AAA3-43D1-87E3-70F510314F04}[2014/01/16 14:44:21 | 000,000,000 | ---D | M] -- C:\Windows\installer\{A7500970-FE98-11E1-B560-F04DA23A5C58}[2013/11/17 02:03:48 | 000,000,000 | ---D | M] -- C:\Windows\installer\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}[2013/11/17 17:58:17 | 000,000,000 | ---D | M] -- C:\Windows\installer\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}[2013/12/02 14:20:27 | 000,000,000 | ---D | M] -- C:\Windows\installer\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}[2014/01/26 18:14:08 | 000,000,000 | ---D | M] -- C:\Windows\installer\{B9240DAE-EFA1-4A0E-824F-17B3F99194F8}[2013/11/17 16:43:02 | 000,000,000 | ---D | M] -- C:\Windows\installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}[2011/11/22 11:43:00 | 000,000,000 | ---D | M] -- C:\Windows\installer\{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}[2011/11/22 11:44:07 | 000,000,000 | ---D | M] -- C:\Windows\installer\{DECDCB7C-58CC-4865-91AF-627F9798FE48}[2011/11/22 11:43:35 | 000,000,000 | ---D | M] -- C:\Windows\installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}[2011/11/22 11:43:47 | 000,000,000 | ---D | M] -- C:\Windows\installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}[2013/11/18 01:48:28 | 000,000,000 | ---D | M] -- C:\Windows\installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}[2013/11/16 15:24:40 | 000,000,000 | ---D | M] -- C:\Windows\installer\{F97E3841-CA9D-4964-9D64-26066241D26F}[2013/12/07 00:26:38 | 000,000,000 | ---D | M] -- C:\Windows\installer\{F9BE7B54-D322-43D6-83DD-CD132E4B8EEE}< %windir%\system32\*. >[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\0409[2010/11/20 22:31:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\AdvancedInstallers[2009/07/13 22:20:16 | 000,000,000 | ---D | M] -- C:\Windows\system32\ar-SA[2009/07/13 22:20:16 | 000,000,000 | ---D | M] -- C:\Windows\system32\bg-BG[2009/07/13 21:35:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\catroot[2009/07/13 21:35:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\catroot2[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\com[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\config[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\cs-CZ[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\da-DK[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\de-DE[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\Dism[2014/03/01 23:26:52 | 000,000,000 | ---D | M] -- C:\Windows\system32\drivers[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\DriverStore[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\el-GR[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\en[2014/02/24 20:26:11 | 000,000,000 | ---D | M] -- C:\Windows\system32\en-US[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\es-ES[2009/07/13 22:20:17 | 000,000,000 | ---D | M] -- C:\Windows\system32\et-EE[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\fi-FI[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\fr-FR[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\system32\FxsTmp[2009/07/13 21:34:27 | 000,000,000 | ---D | M] -- C:\Windows\system32\GroupPolicy[2009/07/13 21:34:27 | 000,000,000 | ---D | M] -- C:\Windows\system32\GroupPolicyUsers[2009/07/13 22:20:17 | 000,000,000 | ---D | M] -- C:\Windows\system32\he-IL[2009/07/13 22:20:17 | 000,000,000 | ---D | M] -- C:\Windows\system32\hr-HR[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\hu-HU[2009/07/13 22:20:17 | 000,000,000 | ---D | M] -- C:\Windows\system32\icsxml[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\IME[2009/07/13 21:36:55 | 000,000,000 | ---D | M] -- C:\Windows\system32\inetsrv[2009/07/13 22:20:17 | 000,000,000 | ---D | M] -- C:\Windows\system32\InstallShield[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\it-IT[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\ja-JP[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\ko-KR[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\system32\LogFiles[2009/07/13 22:20:17 | 000,000,000 | ---D | M] -- C:\Windows\system32\lt-LT[2009/07/13 22:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\lv-LV[2013/11/16 15:37:29 | 000,000,000 | ---D | M] -- C:\Windows\system32\Macromed[2010/11/20 22:31:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\manifeststore[2013/11/19 09:20:18 | 000,000,000 | ---D | M] -- C:\Windows\system32\migration[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\migwiz[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\Msdtc[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\MUI[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\nb-NO[2009/07/13 21:34:31 | 000,000,000 | ---D | M] -- C:\Windows\system32\NDF[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\NetworkList[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\nl-NL[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\oobe[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\pl-PL[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\Printing_Admin_Scripts[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\pt-BR[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\pt-PT[2009/07/13 22:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\ras[2009/07/13 22:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\Recovery[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\system32\restore[2009/07/13 22:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\ro-RO[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\ru-RU[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\Setup[2009/07/13 22:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\sk-SK[2009/07/13 22:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\sl-SI[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\slmgr[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\system32\Speech[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\spp[2010/11/20 22:31:13 | 000,000,000 | ---D | M] -- C:\Windows\system32\sppui[2009/07/13 22:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\sr-Latn-CS[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\sv-SE[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\sysprep[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks[2009/07/13 22:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\th-TH[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\tr-TR[2009/07/13 22:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\uk-UA[2013/11/17 12:31:32 | 000,000,000 | ---D | M] -- C:\Windows\system32\Wat[2010/11/21 02:16:47 | 000,000,000 | ---D | M] -- C:\Windows\system32\wbem[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\WCN[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\wdi[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\system32\WindowsPowerShell[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\system32\winrm[2013/11/16 15:24:18 | 000,000,000 | ---D | M] -- C:\Windows\system32\xlive[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\zh-CN[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\zh-HK[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\zh-TW< %windir%\sysnative\*. >[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\0409[2010/11/20 22:30:27 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\AdvancedInstallers[2009/07/13 22:20:11 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\ar-SA[2009/07/13 22:20:11 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\bg-BG[2011/11/22 11:38:13 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Boot[2014/03/02 23:48:38 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\catroot[2014/03/02 23:47:42 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\catroot2[2011/11/22 11:36:36 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\CodeIntegrity[2010/11/21 02:06:49 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\com[2014/03/03 03:22:08 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\config[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\cs-CZ[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\da-DK[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\de-DE[2010/11/21 02:06:50 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Dism[2014/03/02 23:48:50 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\drivers[2014/03/02 23:48:38 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\DriverStore[2011/11/22 11:43:00 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\DRVSTORE[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\el-GR[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\en[2014/02/24 20:26:11 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\en-US[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\es-ES[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\et-EE[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\fi-FI[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\fr-FR[2009/07/14 00:09:04 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\FxsTmp[2009/07/13 21:34:27 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\GroupPolicy[2009/07/13 21:34:27 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\GroupPolicyUsers[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\he-IL[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\hr-HR[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\hu-HU[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\ias[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\icsxml[2009/07/13 22:20:11 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\IME[2009/07/13 21:36:55 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\inetsrv[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\it-IT[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\ja-JP[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\ko-KR[2014/01/05 12:17:40 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\LogFiles[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\lt-LT[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\lv-LV[2013/11/16 15:37:28 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Macromed[2010/11/20 22:30:27 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\manifeststore[2009/07/13 23:45:42 | 000,000,000 | --SD | M] -- C:\Windows\sysnative\Microsoft[2013/11/19 09:20:17 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\migration[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\migwiz[2014/02/15 03:01:47 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\MRT[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Msdtc[2010/11/21 02:06:50 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\MUI[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\nb-NO[2014/02/12 15:24:11 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\NDF[2009/07/13 22:20:11 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\NetworkList[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\nl-NL[2011/11/21 20:24:46 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\oobe[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\pl-PL[2010/11/21 02:06:50 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Printing_Admin_Scripts[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\pt-BR[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\pt-PT[2009/07/13 22:20:15 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\ras[2013/11/16 14:40:27 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Recovery[2013/11/16 14:59:43 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\restore[2009/07/13 22:20:15 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\ro-RO[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\ru-RU[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Setup[2009/07/13 22:20:15 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\sk-SK[2009/07/13 22:20:15 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\sl-SI[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\slmgr[2009/07/13 22:20:13 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\SMI[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Speech[2009/07/13 23:53:31 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\spool[2009/07/13 22:20:13 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\spp[2010/11/20 22:30:26 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\sppui[2009/07/13 22:20:16 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\sr-Latn-CS[2013/11/07 14:32:45 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\SRSLabs[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\sv-SE[2013/11/08 19:35:12 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\sysprep[2014/03/03 00:11:05 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Tasks[2009/07/13 22:20:16 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\th-TH[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\tr-TR[2009/07/13 22:20:16 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\uk-UA[2013/11/17 12:31:32 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\Wat[2013/11/07 14:36:03 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\wbem[2010/11/21 02:06:50 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\WCN[2013/12/06 23:01:32 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\wdi[2009/07/14 00:09:49 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\wfp[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\WinBioDatabase[2009/07/14 00:37:46 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\WinBioPlugIns[2009/07/14 00:32:38 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\WindowsPowerShell[2009/07/13 22:20:14 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\winevt[2010/11/21 02:06:51 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\winrm[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\zh-CN[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\zh-HK[2013/11/17 12:31:39 | 000,000,000 | ---D | M] -- C:\Windows\sysnative\zh-TW< %Temp%\smtmp\1\*.* >< %Temp%\smtmp\2\*.* >< %Temp%\smtmp\3\*.* >< %Temp%\smtmp\4\*.* >< %systemroot%\system32\*.dll /lockedfiles >< %systemroot%\syswow64\*.dll /lockedfiles >< %systemroot%\Tasks\*.job /lockedfiles >< %systemroot%\system32\drivers\*.sys /90 >< %systemroot%\system32\drivers\*.sys /lockedfiles >< %systemroot%\syswow64\drivers\*.sys /90 >< %systemroot%\syswow64\drivers\*.sys /lockedfiles >< %SYSTEMDRIVE%\*. /rp /s >< %systemroot%\assembly\tmp\*.* /S /MD5 >< %systemroot%\assembly\temp\*.* /S /MD5 >< %systemroot%\assembly\GAC\*.ini >< %systemroot%\assembly\GAC_32\*.ini >< %systemroot%\assembly\GAC_64\*.ini >< %SystemRoot%\assembly\GAC_MSIL\*.ini >< wsSystemRoot|l,n,u,@;True;False;True;$,{ /fn >< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >< HKEY_CLASSES_ROOT\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s >"" = PSFactoryBuffer[HKEY_CLASSES_ROOT\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32]"" = %systemroot%\system32\wbem\wbemsvc.dll -- [2009/07/13 20:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >< HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >"" = MruPidlList[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} /s >"" = Start Menu Pin"ImplementsVerbs" = startpin;startunpin[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s >"" = PSFactoryBuffer[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32]"" = %systemroot%\system32\wbem\wbemsvc.dll -- [2009/07/13 20:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both< HKEY_CLASSES_ROOT\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /s >"" = Microsoft WBEM _WbemFetchRefresherMgr Proxy Helper[HKEY_CLASSES_ROOT\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free Link to post Share on other sites More sharing options...
ChrisFiasco Posted March 3, 2014 Author ID:798653 Share Posted March 3, 2014 < HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /s >"" = ShellFolder for CD Burning[HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\MergedFolder]"Attributes" = 0x0"AttributeMask" = 0xffffffff"Location" = @shell32.dll,-12591 -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)"ConflictOverlayIcon" = %SystemRoot%\system32\imageres.dll,-169 -- [2009/07/13 20:06:03 | 020,268,032 | ---- | M] (Microsoft Corporation)< HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /s >< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /s >"" = Microsoft WBEM _WbemFetchRefresherMgr Proxy Helper[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor /s >"CompletionChar" = 64"DefaultColor" = 0"EnableExtensions" = 1"PathCompletionChar" = 64"DelayedExpansion" = 0< HKCU\Software\Classes\CLSID\{ECD4FC4D-521C-11D0-B792-00A0C90312E1}\InprocServer32 /s >< HKLM\Software\Classes\CLSID\{E6BB64BE-0618-4353-9193-0AFE606D6F0C}\InprocServer32 /s >< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\scsimap /s >< HKEY_CLASSES_ROOT\CLSID\{118BEDCC-A901-4203-B4F2-ADCB957D1887} /s >< HKEY_CLASSES_ROOT\CLSID\{312BED3C-A901-4203-B4F2-ADCB957D1887} /s >< HKEY_CLASSES_ROOT\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887} /s >< HKEY_CLASSES_ROOT\CLSID\{312BFDCE-A901-4203-B4F2-ADCB957D1887} /s >< HKEY_CLASSES_ROOT\CLSID\{212B3DCC-A901-4203-B4F2-ADCB957D1887} /s >< HKEY_CLASSES_ROOT\CLSID\{A12BEDCC-A901-4203-B4F2-ADCB957D1887} /s >< HKEY_CLASSES_ROOT\CLSID\{118BEDCA-A901-4203-B4F2-ADCB957D188F} /s >< HKEY_CLASSES_ROOT\CLSID\{118BEDCA-A901-4203-B4F2-ADCB957D188B} /s >< HKEY_CLASSES_ROOT\CLSID\{3543619C-D563-43f7-95EA-4DA7E1CC396A} /s >< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3543619C-D563-43f7-95EA-4DA7E1CC396A} /s >< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3543619C-D563-43f7-95EA-4DA7E1CC396A} /s >< HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers /s >[HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem]"" = {217FC9C0-3AEA-1069-A2DB-08002B30309D}[HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing]"" = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}< HKEY_CLASSES_ROOT\Directory\Shellex\CopyHookHandlers\MSCopy /s >< HKEY_CURRENT_USER\Software\Classes\Directory\shellex\CopyHookHandlers /s >< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers /s >[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\FileSystem]"" = {217FC9C0-3AEA-1069-A2DB-08002B30309D}[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\Sharing]"" = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}< HKEY_CURRENT_USER\Software\MSOLoad /s >< type C:\WINDOWS\system.ini >> test.txt /c >; for 16-bit app support[386Enh]woafont=dosapp.fonEGA80WOA.FON=EGA80WOA.FONEGA40WOA.FON=EGA40WOA.FONCGA80WOA.FON=CGA80WOA.FONCGA40WOA.FON=CGA40WOA.FON[drivers]wave=mmdrv.dlltimer=timer.drv[mci]< bcdedit /enum all /v >C:\boot.txt /c >< type c:\diskreport.txt /c >Microsoft DiskPart version 6.1.7601Copyright © 1999-2008 Microsoft Corporation.On computer: CHRIS-PC Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- Volume 0 D DVD-ROM 0 B No Media Volume 1 System NTFS Partition 100 MB Healthy System Volume 2 C Windows NTFS Partition 931 GB Healthy Boot < MD5 for: AFD.SYS >[2013/09/13 20:11:05 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=26EF7E0DF4EDCD898EB7A671529410B8 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22457_none_366f8b668e482477\afd.sys[2013/09/13 20:10:19 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=314C17917AC8523EC77A710215012A65 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18264_none_35d81beb75355772\afd.sys[2013/09/27 20:14:56 | 000,496,128 | ---- | M] (Microsoft Corporation) MD5=50AB05903CBEF298D135A943D4432E3C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.22467_none_3664bb7a8e504068\afd.sys[2013/09/27 20:09:10 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=79059559E89D06E8B80CE2944BE20228 -- C:\Windows\SysNative\drivers\afd.sys[2013/09/27 20:09:10 | 000,497,152 | ---- | M] (Microsoft Corporation) MD5=79059559E89D06E8B80CE2944BE20228 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.18272_none_35cb4b6b753f40b5\afd.sys[2010/11/20 22:24:08 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys[2011/04/24 21:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys[2011/04/24 22:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys< MD5 for: ATAPI.SYS >[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys< MD5 for: CSC.SYS >[2010/11/20 22:24:41 | 000,514,560 | ---- | M] (Microsoft Corporation) MD5=54DA3DFD29ED9F1619B6F53F3CE55E49 -- C:\Windows\winsxs\amd64_microsoft-windows-offlinefiles-core_31bf3856ad364e35_6.1.7601.17514_none_fc6e4e567286d457\csc.sys< MD5 for: DFSC.SYS >[2010/11/20 22:24:32 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=9BB2EF44EAA163B29C4A4587887A0FE4 -- C:\Windows\SysNative\drivers\dfsc.sys[2010/11/20 22:24:32 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=9BB2EF44EAA163B29C4A4587887A0FE4 -- C:\Windows\winsxs\amd64_microsoft-windows-dfsclient_31bf3856ad364e35_6.1.7601.17514_none_e5c0334cfcbb6f1f\dfsc.sys< MD5 for: DISK.SYS >[2009/07/13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys[2009/07/13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys[2009/07/13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys< MD5 for: EXPLORER.EXE >[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe< MD5 for: FASTFAT.SYS >[2009/07/13 18:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys[2009/07/13 18:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys< MD5 for: I8042PRT.SYS >[2009/07/13 18:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\drivers\i8042prt.sys[2009/07/13 18:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys[2009/07/13 18:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys[2009/07/13 18:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys[2009/07/13 18:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys< MD5 for: KBDCLASS.SYS >[2009/07/13 20:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\erdnt\cache64\kbdclass.sys[2009/07/13 20:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\SysNative\drivers\kbdclass.sys[2009/07/13 20:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\kbdclass.sys[2009/07/13 20:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) MD5=BC02336F1CBA7DCC7D1213BB588A68A5 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdclass.sys< MD5 for: KBDHID.SYS >[2010/11/20 22:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=0705EFF5B42A9DB58548EEC3B26BB484 -- C:\Windows\SysNative\drivers\kbdhid.sys[2010/11/20 22:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=0705EFF5B42A9DB58548EEC3B26BB484 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\kbdhid.sys[2010/11/20 22:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=0705EFF5B42A9DB58548EEC3B26BB484 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdhid.sys< MD5 for: LSASS.EXE >[2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe[2011/11/17 01:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe[2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\erdnt\cache64\lsass.exe[2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe[2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe[2012/06/04 02:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe[2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe[2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe[2013/09/24 20:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe< MD5 for: MOUCLASS.SYS >[2009/07/13 20:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) MD5=7D27EA49F3C1F687D357E77A470AEA99 -- C:\Windows\SysNative\drivers\mouclass.sys[2009/07/13 20:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) MD5=7D27EA49F3C1F687D357E77A470AEA99 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\mouclass.sys[2009/07/13 20:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) MD5=7D27EA49F3C1F687D357E77A470AEA99 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\mouclass.sys< MD5 for: MOUHID.SYS >[2009/07/13 19:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D3BF052C40B0C4166D9FD86A4288C1E6 -- C:\Windows\SysNative\drivers\mouhid.sys[2009/07/13 19:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D3BF052C40B0C4166D9FD86A4288C1E6 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\mouhid.sys[2009/07/13 19:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=D3BF052C40B0C4166D9FD86A4288C1E6 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\mouhid.sys< MD5 for: NETBT.SYS >[2010/11/20 22:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\SysNative\drivers\netbt.sys[2010/11/20 22:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys< MD5 for: SERIAL.SYS >[2009/07/13 19:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 -- C:\Windows\SysNative\drivers\serial.sys[2009/07/13 19:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 -- C:\Windows\SysNative\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys[2009/07/13 19:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) MD5=C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 -- C:\Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys< MD5 for: SERVICES.EXE >[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe< MD5 for: SMSS.EXE >[2009/07/13 20:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe[2013/08/28 20:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe[2013/08/02 00:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe[2013/03/18 22:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe[2013/08/01 19:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe[2013/08/01 19:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe< MD5 for: SPLDR.SYS >[2009/07/13 20:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=B9E31E5CACDFE584F34F730A677803F9 -- C:\Windows\SysNative\drivers\spldr.sys[2009/07/13 20:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=B9E31E5CACDFE584F34F730A677803F9 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59\spldr.sys< MD5 for: SVCHOST.EXE >[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe< MD5 for: TCPIP.SYS >[2012/10/03 12:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys[2013/09/07 21:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\erdnt\cache64\tcpip.sys[2013/09/07 21:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys[2013/09/07 21:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys[2010/11/20 22:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys[2013/09/06 21:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys[2011/04/25 00:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys[2013/07/06 00:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys[2011/04/25 01:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys[2012/10/03 12:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys[2013/07/06 01:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys[2013/11/26 06:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys< MD5 for: USERINIT.EXE >[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe< MD5 for: VOLSNAP.SYS >[2010/11/20 22:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys[2010/11/20 22:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys[2010/11/20 22:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys< MD5 for: WININIT.EXE >[2009/07/13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\erdnt\cache64\wininit.exe[2009/07/13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe[2009/07/13 20:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe[2009/07/13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\erdnt\cache86\wininit.exe[2009/07/13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe[2009/07/13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe< MD5 for: WINLOGON.EXE >[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[C:\Documents and Settings] -> C:\Users -> Junction[C:\ProgramData\Application Data] -> C:\ProgramData -> Junction[C:\ProgramData\Desktop] -> C:\Users\Public\Desktop -> Junction[C:\ProgramData\Documents] -> C:\Users\Public\Documents -> Junction[C:\ProgramData\Favorites] -> C:\Users\Public\Favorites -> Junction[C:\ProgramData\Start Menu] -> C:\ProgramData\Microsoft\Windows\Start Menu -> Junction[C:\ProgramData\Templates] -> C:\ProgramData\Microsoft\Windows\Templates -> Junction[C:\Users\All Users\Application Data] -> C:\ProgramData -> Junction[C:\Users\All Users\Desktop] -> C:\Users\Public\Desktop -> Junction[C:\Users\All Users\Documents] -> C:\Users\Public\Documents -> Junction[C:\Users\All Users\Favorites] -> C:\Users\Public\Favorites -> Junction[C:\Users\All Users\Start Menu] -> C:\ProgramData\Microsoft\Windows\Start Menu -> Junction[C:\Users\All Users\Templates] -> C:\ProgramData\Microsoft\Windows\Templates -> Junction[C:\Users\All Users] -> -> Unknown point type[C:\Users\Chris\AppData\Local\Application Data] -> C:\Users\Chris\AppData\Local -> Junction[C:\Users\Chris\AppData\Local\History] -> C:\Users\Chris\AppData\Local\Microsoft\Windows\History -> Junction[C:\Users\Chris\AppData\Local\Temporary Internet Files] -> C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction[C:\Users\Chris\Application Data] -> C:\Users\Chris\AppData\Roaming -> Junction[C:\Users\Chris\Cookies] -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies -> Junction[C:\Users\Chris\Documents\My Music] -> C:\Users\Chris\Music -> Junction[C:\Users\Chris\Documents\My Pictures] -> C:\Users\Chris\Pictures -> Junction[C:\Users\Chris\Documents\My Videos] -> C:\Users\Chris\Videos -> Junction[C:\Users\Chris\Local Settings] -> C:\Users\Chris\AppData\Local -> Junction[C:\Users\Chris\My Documents] -> C:\Users\Chris\Documents -> Junction[C:\Users\Chris\NetHood] -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction[C:\Users\Chris\PrintHood] -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction[C:\Users\Chris\Recent] -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Recent -> Junction[C:\Users\Chris\SendTo] -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\SendTo -> Junction[C:\Users\Chris\Start Menu] -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction[C:\Users\Chris\Templates] -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Templates -> Junction[C:\Users\Default User] -> C:\Users\Default -> Junction[C:\Users\Default\AppData\Local\Application Data] -> C:\Users\Default\AppData\Local -> Junction[C:\Users\Default\AppData\Local\History] -> C:\Users\Default\AppData\Local\Microsoft\Windows\History -> Junction[C:\Users\Default\AppData\Local\Temporary Internet Files] -> C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction[C:\Users\Default\Application Data] -> C:\Users\Default\AppData\Roaming -> Junction[C:\Users\Default\Documents\My Music] -> C:\Users\Default\Music -> Junction[C:\Users\Default\Documents\My Pictures] -> C:\Users\Default\Pictures -> Junction[C:\Users\Default\Documents\My Videos] -> C:\Users\Default\Videos -> Junction[C:\Users\Default\Local Settings] -> C:\Users\Default\AppData\Local -> Junction[C:\Users\Default\My Documents] -> C:\Users\Default\Documents -> Junction[C:\Users\Default\NetHood] -> C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction[C:\Users\Default\PrintHood] -> C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction[C:\Users\Default\Recent] -> C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent -> Junction[C:\Users\Default\SendTo] -> C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo -> Junction[C:\Users\Default\Start Menu] -> C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction[C:\Users\Default\Templates] -> C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates -> Junction[C:\Users\Public\Documents\My Music] -> C:\Users\Public\Music -> Junction[C:\Users\Public\Documents\My Pictures] -> C:\Users\Public\Pictures -> Junction[C:\Users\Public\Documents\My Videos] -> C:\Users\Public\Videos -> Junction< End of report >Here is my Extra.txt Log:OTL Extras logfile created on: 3/3/2014 6:13:35 AM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop\Clean64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.11.9600.16518)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy7.98 Gb Total Physical Memory | 3.66 Gb Available Physical Memory | 45.91% Memory free15.96 Gb Paging File | 11.90 Gb Available in Paging File | 74.54% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 931.41 Gb Total Space | 452.41 Gb Free Space | 48.57% Space Free | Partition Type: NTFSComputer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation).url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation).html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)[HKEY_USERS\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Classes\<extension>].html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)========== Shell Spawning ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htafile [open] -- "%1" %*htmlfile [edit] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htafile [open] -- "%1" %*htmlfile [edit] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.========== Security Center Settings ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 1"FirewallDisableNotify" = 0"AntiVirusDisableNotify" = 0"UpdatesDisableNotify" = 064bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 064bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]========== System Restore Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0========== Firewall Settings ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"EnableFirewall" = 1"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"EnableFirewall" = 1"DisableNotifications" = 0========== Authorized Applications List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]========== Vista Active Open Ports Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{074BF298-7B1E-4E7A-8F4B-01F7EDB15E4F}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |"{096597CF-0DE1-408D-927C-F09D77C0E13C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |"{0C532ED2-EBCC-45BA-9ED3-BE39A46E4880}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |"{0DF3ACAE-37F0-44E9-A05D-B606731BA6EA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |"{1F6F1997-B58A-40D6-928F-09648FC92D55}" = rport=445 | protocol=6 | dir=out | app=system |"{1F6FF67D-EBF7-40EB-BC6C-70999F063AE5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{1FB30D4C-CC6A-4615-AB90-E47400A0C89E}" = rport=137 | protocol=17 | dir=out | app=system |"{29164726-C27F-41DD-AACD-1484A35D5383}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |"{317B3B5D-E13A-4025-B835-4C8D55B17D34}" = lport=139 | protocol=6 | dir=in | app=system |"{3EE40EA0-F1F1-4923-ABC3-B038595B6539}" = lport=2869 | protocol=6 | dir=in | app=system |"{47ECB127-0FBC-4BEB-B340-CABE8E55C857}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |"{592D8012-5EAE-4394-AE67-00BFB176EC0A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |"{59CE9ED5-E4DF-4C01-9F55-B243297E604D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |"{5BCBE92F-39F1-4B81-891A-D19AC5A9B50B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |"{61E2342A-6A29-48FE-816B-12D201C88808}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\remotecrashsender.exe |"{7F01D14E-5D69-4F4C-A076-8E54AE8C827E}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |"{818CFCA5-F481-4DD3-8212-569B917A9922}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |"{88010F55-8A9F-4AAD-923D-97AB99CD03AF}" = lport=137 | protocol=17 | dir=in | app=system |"{933D6C5D-2411-494E-8A36-9DD61C0B9B68}" = rport=80 | protocol=6 | dir=out | app=c:\users\chris\appdata\local\warframe\downloaded\public\tools\launcher.exe |"{9D337F21-B2D4-4AD1-B950-E8DF0C461716}" = rport=10243 | protocol=6 | dir=out | app=system |"{ADDB1C37-519E-47B8-9F74-A00F8FA52604}" = rport=139 | protocol=6 | dir=out | app=system |"{B3CF0450-E149-4877-84EE-8D664B35EBC8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |"{B77F4628-84CE-407B-BEAC-AC451DBD6809}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |"{BB66F16A-1FBC-4366-9C05-4CC7855DB550}" = lport=138 | protocol=17 | dir=in | app=system |"{C7D54FEF-0238-41AE-885C-ABDDD4E2AC6D}" = rport=138 | protocol=17 | dir=out | app=system |"{D982EAD3-996A-4B56-AFAC-F79012061608}" = lport=445 | protocol=6 | dir=in | app=system |"{EADD89F5-EE75-4106-A9C6-76C4AB5C4677}" = lport=10243 | protocol=6 | dir=in | app=system |"{FD125AC7-FFD1-440A-88ED-4AF7E612CAAA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |========== Vista Active Application Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]"{00E83FBE-10EB-4566-8838-28B418D2349F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |"{011AE9AD-C9C4-41BB-85B4-0BC6AC0B9BE3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |"{01254583-92F9-49C2-ADA6-F89F91589031}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |"{017F74DA-DE93-48E6-BF1D-D99619CE8475}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |"{04343B82-DBBA-466C-BF47-A6ED5BAB90D2}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra\fear\fear.exe |"{04571557-A3D7-43EE-8104-07EB383D2C5F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |"{0575A34D-E747-4ACB-B656-2CB10891351D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2581\agent.exe |"{064AE4C7-6BB0-4778-910E-934BE9913B44}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |"{07695326-EF79-4723-A936-9360AF428CFC}" = protocol=6 | dir=in | app=c:\udk\udk-2013-07\binaries\win64\udk.exe |"{077AF1DD-3E5C-418E-95D8-A2596DDA6682}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |"{094A9307-39BD-4385-8D7E-4FD1D6D5D645}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |"{0AF023B5-D946-4D03-8D9F-07D394A21F00}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |"{0DDE81B3-53AD-4491-8278-F92B4C095E55}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\super street fighter iv\ssfiv.exe |"{12191FDF-FF5A-452B-A8C1-5C246E10030B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |"{14EACD09-CBE5-4BA3-BA82-10881B9778A6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |"{16484F3D-5569-4DCB-95AC-BC3C0E1DBC00}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |"{1CDAC340-F7E2-4DC1-A5F6-33BF4CFEF718}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\super street fighter iv\ssfiv.exe |"{217B01EA-02F9-4FF8-A934-255912D25F76}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |"{22309DE3-6CF8-4375-909B-2E04BBEF9CCB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |"{230E2FB0-499B-4F4F-8893-26E7F27FB2A5}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |"{23D9FBC4-7B3E-4CEB-B831-FA2109C0069B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |"{25CEC040-63B8-44F4-B1A3-834F7C6E281B}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\mirrors edge\binaries\mirrorsedge.exe |"{260DF88D-69B2-438E-95B4-17EFC7BE3E69}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |"{26300E04-8F76-431D-B251-D23932193BE8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |"{26C2D817-6EF4-4DCA-8454-B0B0CD482D1F}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |"{27424707-C43C-43CF-81D8-463A789B634C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\frozen synapse\frozensynapse.exe |"{28EFDDFA-0C77-474D-B293-BB35E976FE5E}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |"{2DA89FD8-4BB8-4015-AE86-0EB16B1240EE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2581\agent.exe |"{2F88D5A1-A328-4F65-BDFE-9A8B2000C126}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |"{311F9836-1D24-4A55-8DB1-5A1889D3CA78}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |"{33FC80CD-4F11-4EF8-B8BB-BA00743D9420}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |"{342FFA4D-69B6-4D0D-8E9F-D6D5D7570ACD}" = protocol=6 | dir=out | app=system |"{36806AA6-CFE1-4EF7-9AC5-952F663DC19B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rage\rage64.exe |"{3842299D-9F14-4424-9F2C-2087969AADDB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |"{39FCEAD8-37B4-43F5-8548-54C8BBAC4BB5}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |"{3B42D3AE-78ED-4E87-9469-2244BA15FCB2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |"{3B665F1F-3E1D-4F6D-8EF2-85DE839A3C45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |"{3C7CC72E-391E-4F44-84A9-19E1416023ED}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |"{3DA1A2CA-2446-436E-AAE2-B59AA76F4D29}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |"{3F452B35-E749-4C8E-83C8-F59BD7884472}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |"{406C9AE2-F418-4410-BCE8-F5C4F5574008}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |"{474F3568-53A2-4C04-B23F-8877DBC3799C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |"{47ECF117-2AAD-4FDF-B699-824D7765719E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |"{4871CAB4-ADBE-4DD7-8E82-4533F1E1395B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |"{4A065D56-FC3C-432A-A9A5-C2FE1A7F6A52}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rage\rage.exe |"{4C7104D2-7829-4DAA-988A-9A08251422CB}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |"{4E3B9C6A-38B6-42D3-828B-ECC84CE9DBD1}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |"{4FEBC088-D8D8-4EC2-BB1D-C2024435CFD1}" = protocol=17 | dir=in | app=c:\program files\luxology\modo\701\modo.exe |"{51EE51B4-3C34-4E86-9ADA-DEC585490DF7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |"{52426701-2DEF-4D2F-ADEA-1634595BD990}" = dir=in | app=c:\users\chris\appdata\roaming\adobe\wmiprv\wmiprvse.exe |"{530BE087-7F1E-4EC4-B0F6-BBF0832410A4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |"{5460ED9E-71EA-49DB-9208-DA2FA2554001}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |"{54CDA346-2EA3-4740-A6FA-5CAC126955BA}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra\fear\fearmp.exe |"{554AC41A-DED8-4C0D-BA85-BC5FEB3FF8AB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |"{569567C1-2E26-4EDB-B4A1-FB91870A12CF}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |"{57E551BC-C876-4880-B904-A209A3792CF4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{5AFE94EA-7BEB-4B92-9703-D3B65E579C61}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |"{5B0DE435-9345-48A6-90D1-F6DF27B7BA73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |"{5C5E149F-9271-41FE-836D-96F751EB7BC7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{621A0008-0B80-4A8A-8940-E327C7919EE6}" = protocol=17 | dir=in | app=c:\users\chris\appdata\roaming\utorrent\utorrent.exe |"{647BBDCA-6333-458E-BA46-CD390B1148E6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |"{686DD41A-1684-403B-A6AD-3FBF083D8118}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |"{69184158-F28F-4ECF-B17C-EB40E07238D9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |"{704A7A79-B29D-4D06-BFBF-79ECD36A6DF4}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra\fear\fear.exe |"{718D404A-4DA7-4ECD-BA23-6675E316354D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe |"{7344AF1E-B5B9-40FB-857C-28202B651702}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |"{7559128D-92C2-4CA5-BB34-686CCBC976FE}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |"{757B2757-910C-46C7-BEFE-DED73C6F2EB8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |"{795F3541-A8C5-4360-BD6D-745661D6CF59}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |"{7A83E6F7-2FE4-46B1-A6A4-BAD1CFE239A1}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |"{7CC6C084-6E38-4C5F-B3B6-FB0394586D49}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\frozen synapse\frozensynapse.exe |"{7CCDB09D-7E4E-4740-921E-679B6F486B1A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\mirrors edge\binaries\mirrorsedge.exe |"{847BE4B4-B45D-4BF4-B4FB-E7684A30BF26}" = dir=in | app=c:\windows\explorer.exe |"{8C2E0653-3009-4BB3-943B-B7F5506A13DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{8D2D3655-FD1B-406C-968F-EBE684D0C36A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |"{8E5427DA-8154-48B2-A29C-C494323C2FA0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |"{900EA05F-025D-4EB5-86EA-2A5E9C31E3CD}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |"{9A98BA34-31F5-4247-BC19-34CE508D88EB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |"{9AD0CA30-7EC7-4DED-A0F3-4037B31F4A22}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |"{9C19E794-3089-42B2-9839-7D8EF5FF0766}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |"{9CE9AC95-A7F8-4CD8-A2C8-4F8913D7F7A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rage\rage.exe |"{9F41038B-0147-4428-8E91-11325B988E85}" = protocol=6 | dir=in | app=c:\users\chris\appdata\roaming\utorrent\utorrent.exe |"{A178A8B3-7B39-46FA-9ED6-5EFC265F90D6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |"{A2CE2911-1476-4E85-B49F-C2F2919DAE8D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |"{A44B890F-8A51-4A70-929F-ED9338430987}" = protocol=17 | dir=in | app=c:\udk\udk-2013-07\binaries\win64\udk.exe |"{A5C28CAC-612C-4AA0-8FEF-46655A935C56}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |"{A67850DA-A08B-4F63-8D3B-697E6E800333}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |"{AFC451FA-C47D-43FA-9EE4-212419D805C1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |"{B207205B-412D-40A0-9663-C81F91836B02}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |"{B47E345D-A60B-45EB-A632-03360A7D835C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3sp.exe |"{B529E6EE-3464-44C0-859B-2308CACF1743}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |"{B643A720-0F68-4CF4-B791-916B74F702BB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |"{B77471F5-7BE1-4393-8680-2696E52B080F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |"{BA47A7CF-5653-4515-8E13-CDCD1FF20A17}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |"{BA5C1AFE-37E5-4351-93B8-DA22972BA515}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |"{BA6C812B-806B-452B-B771-1AA12622CDE0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |"{BC506285-969E-489F-A675-B9FB98FB6B35}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rage\rage64.exe |"{BDB87666-C63B-4925-9C6B-BF8ECF535E4B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |"{C0965D3A-6C55-4B93-A59B-467A13A8643D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |"{C3B017B6-3F80-48B8-B2D4-EED9408D611E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |"{C3BF4EDD-BB99-41EF-B33B-2CB98A7D3A6D}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |"{C4A70655-D5B6-4AB1-B6AD-6A355E071EB3}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |"{C635FB36-3B94-4B87-BDAF-6F37F9F5806E}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra\fear\fearmp.exe |"{D5D29578-7C45-40A8-AF51-CB0E0E2B5ADE}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |"{D9AE7521-D9C9-4380-8654-DC4B6A07903A}" = dir=in | app=c:\windows\system32\rundll32.exe |"{D9E361BB-BC49-437D-AF7C-3BDBB86F1E91}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |"{DAC14300-DD20-4EC1-B7E0-4A8915622377}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |"{DD1DEF31-60C3-4447-922A-833C85974E6E}" = protocol=6 | dir=in | app=c:\program files\luxology\modo\701\modo.exe |"{E22CDFD5-E283-4180-83E8-D00EB068CB38}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |"{E5CA6ACC-EE0F-4946-AEA5-DB1BB00055C9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |"{EB1B7209-E4A6-4C15-A151-5CFAAAC607B6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |"{EDC3B889-D43E-4CE4-8070-16F37AF91D1B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |"{EE707962-2631-4425-9F5D-600224E49D6D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |"{EFAE62CA-1378-45F2-B3DE-0963C10ECC2A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |"{F53F75AE-5D4C-4156-BDF5-DB32F812922B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |"{F9919E0B-2E9E-4B13-9720-78BFC5941A69}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |"{F9E5E2E5-0FE2-45C9-96D5-C925AB1BCEC5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |"TCP Query User{11044C90-7207-41D6-A152-330AFA075498}C:\udk\udk-2013-07\binaries\win64\udk.exe" = protocol=6 | dir=in | app=c:\udk\udk-2013-07\binaries\win64\udk.exe |"TCP Query User{3CD33FDE-D65B-4712-83E3-F6B68D99C401}C:\users\chris\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\chris\appdata\local\akamai\netsession_win.exe |"TCP Query User{43FB207E-D55F-47D4-89CF-898B53B9FBE7}C:\program files (x86)\microsoft games\halo\halo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo\halo.exe |"TCP Query User{45E07985-2D0C-4432-B048-B69D367E4FF3}C:\program files\autodesk\maya2014\bin\maya.exe" = protocol=6 | dir=in | app=c:\program files\autodesk\maya2014\bin\maya.exe |"TCP Query User{614B1D82-267D-4667-A599-40A3050C4FDA}C:\program files (x86)\secondlifeviewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\secondlifeviewer\slvoice.exe |"TCP Query User{943EF44F-7D78-4D09-9615-97213310FEC3}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |"TCP Query User{A691AFC5-E5E5-4762-9BA6-3B172FD0D064}C:\udk\udk-2013-07\binaries\swarmagent.exe" = protocol=6 | dir=in | app=c:\udk\udk-2013-07\binaries\swarmagent.exe |"TCP Query User{B0FB5025-5586-49A9-91DE-33EBA3335A72}C:\users\chris\desktop\3d-coat-v4\3d-coatdx64s.exe" = protocol=6 | dir=in | app=c:\users\chris\desktop\3d-coat-v4\3d-coatdx64s.exe |"TCP Query User{B8225D53-F1E9-4A6F-842E-0E4888D3121B}C:\program files (x86)\unity\editor\unity.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unity\editor\unity.exe |"TCP Query User{CB08FA57-F54D-4244-B0B3-F2471B027934}C:\udk\udk-2013-07\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\udk\udk-2013-07\binaries\win32\udk.exe |"TCP Query User{E862A7CE-FE1B-41D2-99F1-8C5513162639}C:\users\chris\desktop\3d-coat-v4\3d-coatdx64s.exe" = protocol=6 | dir=in | app=c:\users\chris\desktop\3d-coat-v4\3d-coatdx64s.exe |"TCP Query User{F4F4BB08-820D-4645-BBCD-D165380C931E}C:\users\chris\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\chris\appdata\local\akamai\netsession_win.exe |"UDP Query User{327F7A93-E37D-452D-8C60-78E023CF2AE8}C:\users\chris\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\chris\appdata\local\akamai\netsession_win.exe |"UDP Query User{349FFA76-07FF-4816-8C89-18CAB01856A4}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe |"UDP Query User{568D6B96-5F6C-48EC-A6C8-88DB24CB531B}C:\udk\udk-2013-07\binaries\win64\udk.exe" = protocol=17 | dir=in | app=c:\udk\udk-2013-07\binaries\win64\udk.exe |"UDP Query User{5E3E0A05-AED7-495A-9D27-B425D04C6CE7}C:\users\chris\desktop\3d-coat-v4\3d-coatdx64s.exe" = protocol=17 | dir=in | app=c:\users\chris\desktop\3d-coat-v4\3d-coatdx64s.exe |"UDP Query User{6DD8997F-4720-42DA-9AB7-6D987D18F59B}C:\program files\autodesk\maya2014\bin\maya.exe" = protocol=17 | dir=in | app=c:\program files\autodesk\maya2014\bin\maya.exe |"UDP Query User{831E7C5B-1E22-4F3D-80C7-FEEF346039E4}C:\users\chris\desktop\3d-coat-v4\3d-coatdx64s.exe" = protocol=17 | dir=in | app=c:\users\chris\desktop\3d-coat-v4\3d-coatdx64s.exe |"UDP Query User{8663F71C-D1A4-42D8-85F5-498E0327FF83}C:\program files (x86)\unity\editor\unity.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unity\editor\unity.exe |"UDP Query User{AD975E87-06D8-40A3-934F-35FFD4F3E9BA}C:\program files (x86)\secondlifeviewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\secondlifeviewer\slvoice.exe |"UDP Query User{C4DCE0FB-0C3D-47D6-961D-3D4B019E2F60}C:\udk\udk-2013-07\binaries\swarmagent.exe" = protocol=17 | dir=in | app=c:\udk\udk-2013-07\binaries\swarmagent.exe |"UDP Query User{D7287972-05FE-4991-9B16-DA4F29DA2CB3}C:\program files (x86)\microsoft games\halo\halo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo\halo.exe |"UDP Query User{DE091258-366E-4BE9-BA35-1BA1FA696C66}C:\udk\udk-2013-07\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\udk\udk-2013-07\binaries\win32\udk.exe |"UDP Query User{F7AD1A3C-7094-4812-9384-D4F8392EFAB8}C:\users\chris\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\chris\appdata\local\akamai\netsession_win.exe |========== HKEY_LOCAL_MACHINE Uninstall List ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector"{190BC83F-D54E-4494-830E-7FB4A5F4B964}" = Local Subtitles for 64-bit WMP"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148"{4F5AD3FF-38C6-43FB-BB6F-8EF830DEDF16}" = mental ray renderer for Autodesk Maya 2014"{5AAB972C-FF31-4B01-8445-50C42860EC02}" = Autodesk Composite 2014"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)"{7C4C5901-A58F-4018-A93B-01C93EF8D3F3}" = AVG 2014"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1"{7FA8BC5D-7CE4-42F3-8EAE-32DF5BAB53A7}" = Autodesk Maya 2014"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables"{8FC7C2B2-0F64-4B35-AA3D-2B051D009243}" = Autodesk DirectConnect 2014 64-bit"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting"{A7500970-FE98-11E1-B560-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)"{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}" = Autodesk MatchMover 2014"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 327.23"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.23"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.23"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 326.01"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour"{CE470020-CCCF-4C09-9AB9-B710A4FBE2C8}" = AVG 2014"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety"{D81C035E-D0A5-11DF-9450-0013D3D69929}" = MSVCRT Redists"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service"{F9BE7B54-D322-43D6-83DD-CD132E4B8EEE}" = Autodesk Mudbox 2014"Autodesk Composite 2014" = Autodesk Composite 2014"Autodesk DirectConnect 2014 64-bit" = Autodesk DirectConnect 2014 64-bit"Autodesk Maya 2014" = Autodesk Maya 2014"Autodesk Mudbox 2014" = Autodesk Mudbox 2014"AVG" = AVG 2014"CCleaner" = CCleaner"TeamSpeak 3 Client" = TeamSpeak 3 Client"UDK-cc22b77f-9cae-40b5-9806-1d755fc98774" = Unreal Development Kit: 2013-07[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{01BD4FC9-2F86-4706-A62E-774BB7E9D308}" = AVG PC TuneUp 2014"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections"{2937C578-0CDD-4936-A869-912FD029436E}" = Warframe"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR"{2DD84AB2-8BF4-49FA-9D62-E3F93D4F56FB}" = Roxio Game Capture HD PRO"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = lightshot-4.4.2.10"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2014"{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition"{43430FA0-4A2E-404A-B715-951000058101}" = SUPER STREET FIGHTER IV: ARCADE EDITION"{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}" = OpenOffice 4.0.1"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater"{4D2F193D-4725-4518-9F23-AAF5A3475875}" = Free Soundcloud Downloader"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack"{5DB849D6-9392-4FB7-9ABB-87ED433152E5}" = LG United Mobile Drivers"{5F187E71-93D7-4849-B5C2-1DD1747C81A7}" = Roxio CinePlayer Decoder Pack"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE"{69290A89-5CD6-42A2-BBD9-D1EE95A3E490}" = Roxio GameCAP HD PRO"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106"{6FF4C560-A95B-42DE-83AD-62C8737115E9}" = Roxio Game Capture HD PRO"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX"{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}" = Snagit 11"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform"{86134348-6422-4486-AB6A-0E01DBA39DE6}" = ClipConverter"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight"{8B4A6011-BB10-4918-B561-3F6CF5712B37}" = Splash Lite"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime"{8CD86D42-C4DD-4E40-9211-164DFFBCA4DB}" = AVG PC TuneUp 2014 (en-US)"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™"{B9240DAE-EFA1-4A0E-824F-17B3F99194F8}" = Free CBR Reader"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari"{CCE68200-4ED0-3E0A-A7F2-504897E356AB}" = Google Talk Plugin"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE"{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}" = RuneScape Launcher 1.2.3"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials"701_64" = Luxology modo 701 64-bit build 58358"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin"AVG PC TuneUp" = AVG PC TuneUp 2014"AVS Video Editor_is1" = AVS Video Editor 6"Battle.net" = Battle.net"Battlelog Web Plugins" = Battlelog Web Plugins"Convert Audio Free FLAC to MP3_is1" = Convert Audio Free FLAC to MP3 version 1.0"DMUninstaller" = DMUninstaller"Fraps" = Fraps (remove only)"Freemake Video Downloader_is1" = Freemake Video Downloader"GameSpy Arcade" = GameSpy Arcade"GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition"Google Chrome" = Google Chrome"Halo" = Microsoft Halo"Hearthstone" = Hearthstone"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300"Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)"MozillaMaintenanceService" = Mozilla Maintenance Service"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver"Origin" = Origin"PunkBusterSvc" = PunkBuster Services"SecondLifeViewer" = SecondLifeViewer (remove only)"Steam" = Steam"Steam App 230410" = Warframe"Steam App 238960" = Path of Exile"Steam App 240" = Counter-Strike: Source"Steam App 550" = Left 4 Dead 2"Steam App 7940" = Call of Duty 4: Modern Warfare"Steam App 9200" = RAGE"Steam App 98200" = Frozen Synapse"Unity" = Unity"WinLiveSuite" = Windows Live Essentials"WinPcapInst" = WinPcap 4.1.2"WinRAR archiver" = WinRAR 5.00 (32-bit)========== HKEY_USERS Uninstall List ==========[HKEY_USERS\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"Akamai" = Akamai NetSession Interface"UnityWebPlayer" = Unity Web Player"uTorrent" = µTorrent========== Last 20 Event Log Errors ==========[ Application Events ]Error - 2/28/2014 8:33:02 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10Description =Error - 2/28/2014 8:45:57 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,time stamp: 0x4d672ee4 Faulting module name: CryptoProvider.dll_unloaded, version: 0.0.0.0, time stamp: 0x53026bf0 Exception code: 0xc0000005 Fault offset: 0x000007fef4517da8Faulting process id: 0x92c Faulting application start time: 0x01cf34810d76a60b Faulting application path: C:\Windows\Explorer.EXE Faulting module path: CryptoProvider.dll Report Id: 441e7b88-a076-11e3-a30a-94de80ce66f5Error - 2/28/2014 9:02:14 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x03a70869 Faulting process id: 0xb58 Faulting application start time: 0x01cf34811d20c1b9 Faulting application path: C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting module path: unknown Report Id: 8afb4a19-a078-11e3-a30a-94de80ce66f5Error - 2/28/2014 9:02:19 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc000041d Fault offset: 0x03a70869 Faulting process id: 0xb58 Faulting application start time: 0x01cf34811d20c1b9 Faulting application path: C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting module path: unknown Report Id: 8dbab879-a078-11e3-a30a-94de80ce66f5Error - 2/28/2014 11:09:41 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x025c0000 Faulting process id: 0x14ec Faulting application start time: 0x01cf3485dd957af0 Faulting application path: C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting module path: unknown Report Id: 58ef1283-a08a-11e3-a30a-94de80ce66f5Error - 2/28/2014 11:09:45 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc000041d Fault offset: 0x025c0000 Faulting process id: 0x14ec Faulting application start time: 0x01cf3485dd957af0 Faulting application path: C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting module path: unknown Report Id: 5b01f4b9-a08a-11e3-a30a-94de80ce66f5Error - 2/28/2014 5:33:54 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10Description =Error - 2/28/2014 7:06:45 PM | Computer Name = Chris-PC | Source = Application Error | ID = 1000Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x02040816 Faulting process id: 0x1640 Faulting application start time: 0x01cf34d855d9c47c Faulting application path: C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting module path: unknown Report Id: fdf4c713-a0cc-11e3-9457-94de80ce66f5Error - 2/28/2014 7:07:01 PM | Computer Name = Chris-PC | Source = Application Error | ID = 1000Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc000041d Fault offset: 0x02040816 Faulting process id: 0x1640 Faulting application start time: 0x01cf34d855d9c47c Faulting application path: C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting module path: unknown Report Id: 0766abca-a0cd-11e3-9457-94de80ce66f5Error - 3/1/2014 1:20:01 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10Description =[ System Events ]Error - 1/18/2014 9:21:35 AM | Computer Name = CHRIS-PC | Source = BugCheck | ID = 1001Description =Error - 1/22/2014 3:13:45 AM | Computer Name = Chris-PC | Source = DCOM | ID = 10010Description =Error - 1/22/2014 11:30:32 AM | Computer Name = Chris-PC | Source = DCOM | ID = 10010Description =Error - 1/22/2014 11:30:45 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7022Description = The Windows Update service hung on starting.Error - 1/24/2014 7:44:42 AM | Computer Name = Chris-PC | Source = atapi | ID = 262155Description = The driver detected a controller error on \Device\Ide\IdePort2.Error - 1/24/2014 7:44:42 AM | Computer Name = Chris-PC | Source = atapi | ID = 262155Description = The driver detected a controller error on \Device\Ide\IdePort2.Error - 1/24/2014 7:44:42 AM | Computer Name = Chris-PC | Source = atapi | ID = 262155Description = The driver detected a controller error on \Device\Ide\IdePort2.Error - 1/27/2014 4:37:01 PM | Computer Name = Chris-PC | Source = DCOM | ID = 10010Description =Error - 1/29/2014 12:34:30 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7009Description = A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.Error - 1/29/2014 12:34:30 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000Description = The Steam Client Service service failed to start due to the following error: %%1053< End of report > Link to post Share on other sites More sharing options...
B-boy/StyLe/ Posted March 3, 2014 ID:798723 Share Posted March 3, 2014 Hello, We need to run an OTL FixPlease reopen on your desktop. Copy and Paste the following code into the textbox. Do not include the word "Quote":OTLIE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...ReHzFSdngg,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...ReHzFSdnhQ,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...ReHzFSdnhQ,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperba...qb16f8gSdxa3SSg,IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperba...ReHzFSdnhQ,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...ReHzFSdnhQ,,&q={searchTerms}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}IE - HKU\S-1-5-21-662125380-580819888-2351019072-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...ReHzFSdnhQ,,&q={searchTerms}FF - prefs.js..extensions.enabledAddons: %7B1F3015A6-75BF-4D05-CE58-E58B646B512F%7D:2.0.0FF - prefs.js..extensions.enabledAddons: %7Be91449cd-6c9e-5d65-e8b4-c9468614f780%7D:1.1FF - prefs.js..keyword.URL: "http://feed.helperba...ReHzFSdngQ,,&q="[2014/02/28 08:01:20 | 000,000,000 | ---D | M] (User Pinned) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{1F3015A6-75BF-4D05-CE58-E58B646B512F}[2014/03/02 20:58:17 | 000,000,000 | ---D | M] ("Muvic") -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{e91449cd-6c9e-5d65-e8b4-c9468614f780}[2014/03/02 20:52:56 | 000,022,864 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\searchplugins\Web Search.xmlO3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.[2014/02/28 08:01:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\kgbfdabplphfafenmofiofilgeglfbcp:commands[emptytemp] Push OTL may ask to reboot the machine. Please do so if asked. Click . A report will open. Copy and Paste that report in your next reply. If a report is not shown please navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present. Copy/paste the content of the log back here in your next post. Regards,Georgi Link to post Share on other sites More sharing options...
ChrisFiasco Posted March 3, 2014 Author ID:798877 Share Posted March 3, 2014 OTL Log: All processes killed========== OTL ==========Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!HKU\S-1-5-21-662125380-580819888-2351019072-1000\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!HKEY_USERS\S-1-5-21-662125380-580819888-2351019072-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!Registry key HKEY_USERS\S-1-5-21-662125380-580819888-2351019072-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.Prefs.js: %7B1F3015A6-75BF-4D05-CE58-E58B646B512F%7D:2.0.0 removed from extensions.enabledAddonsPrefs.js: %7Be91449cd-6c9e-5d65-e8b4-c9468614f780%7D:1.1 removed from extensions.enabledAddonsPrefs.js: "http://feed.helperba...ReHzFSdngQ,,&q=" removed from keyword.URLC:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{1F3015A6-75BF-4D05-CE58-E58B646B512F}\components folder moved successfully.C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{1F3015A6-75BF-4D05-CE58-E58B646B512F} folder moved successfully.C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{e91449cd-6c9e-5d65-e8b4-c9468614f780}\components folder moved successfully.C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{e91449cd-6c9e-5d65-e8b4-c9468614f780}\chrome\PublisherImages folder moved successfully.C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{e91449cd-6c9e-5d65-e8b4-c9468614f780}\chrome\images folder moved successfully.C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{e91449cd-6c9e-5d65-e8b4-c9468614f780}\chrome folder moved successfully.C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\extensions\{e91449cd-6c9e-5d65-e8b4-c9468614f780} folder moved successfully.C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\o9wa5s2w.default\searchplugins\Web Search.xml moved successfully.64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\kgbfdabplphfafenmofiofilgeglfbcp\2.0.0 folder moved successfully.C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\kgbfdabplphfafenmofiofilgeglfbcp folder moved successfully.========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Chris->Temp folder emptied: 94478868 bytes->Temporary Internet Files folder emptied: 2345223437 bytes->Java cache emptied: 102258 bytes->FireFox cache emptied: 78997755 bytes->Google Chrome cache emptied: 0 bytes->Apple Safari cache emptied: 44212224 bytes->Flash cache emptied: 1351 bytes User: Default->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytes User: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytes User: Public->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes%systemroot% .tmp files removed: 1715630 bytes%systemroot%\System32 .tmp files removed: 0 bytes%systemroot%\System32 (64bit) .tmp files removed: 0 bytes%systemroot%\System32\drivers .tmp files removed: 0 bytesWindows Temp folder emptied: 63784 bytes%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43257594 bytesRecycleBin emptied: 773342237 bytes Total Files Cleaned = 3,225.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 03032014_142806 Files\Folders moved on Reboot...C:\Users\Chris\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YGS6BOV9\adB6IJFM6S.gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD3XD2R2\160x600[1].js moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD3XD2R2\959121246[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD3XD2R2\fo[1].js moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD3XD2R2\like[7].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD3XD2R2\like[8].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD3XD2R2\like[9].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD3XD2R2\sh150[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD3XD2R2\user_sync[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XD3XD2R2\xd_arbiter[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\ifM37QNTPG.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\ifYLF1YF9A.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\like[5].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\like[6].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\p-01-0VIaSjnOLgG4MXYX3L.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\st[2] not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\tt2SNW2BEA.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\ttAN4A2VUZ.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\ttCS1HX3XX.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\ttUJMV4NRM.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TRURNBUW\um[1].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ab[3].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ad17CKDENY.gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\AdDisplayTrackerServlet[6].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\adOXVRY2NQ.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\afr[1].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\how-to-maximize-your-iphones-battery-life[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\if9F702Q70.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ifCBAF6VJM.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ifM8TUGYUL.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\serv[1].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\stDMK62YWI moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\stLM51FAMT not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\st[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\tag[3].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\tag[6].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\tt74OLYU5D.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttj1LX5YMZ0.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttj2WKE3ZEY.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttj8JPSJF58.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttj8USYC2HC.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttjBE99ZVJ3.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttjE3H3VUB5.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttjEBI7PV1I.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttjEJPZC4EE.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttjHAF0RFMO.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttjHF2HQ4BT.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\ttjIUBFZOR0.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\t[1].js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\t[2].js moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\t[3].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\usermatch2FTL5WPB.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\usermatchEI46MLGH.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\usermatchFBW2M11N.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\vj[3].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIX8ZPJ6\VT38JC01.HTM not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\2631[1].gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ab[6].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\AdDisplayTrackerServlet[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\AdDisplayTrackerServlet[5].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ad[9].gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\B1WKXH7Q.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ev[1] moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\GHUCHIJ5.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\if401CI1MH.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\if7I03GK1W.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ifA3P44LZ2.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ifFQW9ACQ8.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ifGVJV5L13.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ifI611FENV.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ifQ2G6DCKD.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ifQJLIVV4U.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ifRWYZLEXQ.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ifTIZDRQOC.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ifWLLNWLFN.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\is-a-lipstick-harmful-for-health[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\p-01-0VIaSjnOLg7Z0R6ZPK.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\p-01-0VIaSjnOLgK2Y57P9K.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\pd[4].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\pixel[4].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\rt=ifr[3].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\serv[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\stYLGAH212 not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ttjH6EP6DID.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\ttP4C7GK6Q.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\tubes-give-your-clock-that-mad-scientist-look[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q3G6FMD0\usermatch[4].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ab[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\AdDisplayTrackerServlet[3].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ad[7].gif moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\beacon[2].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\cs[2].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\d49a9527[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\empty[2].js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ifHPG17ZQL.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ifK7BC8EOO.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ifM2XM16JR.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ifNTTYBAOM.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ifVSWIP40T.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ifZYICFV69.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\p-01-0VIaSjnOLg84NIJGZY.gif moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\p-01-0VIaSjnOLgOCOURXO2.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\p-01-0VIaSjnOLgR60UE7GO.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\pd[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\pixel[2].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\st7TM1OR6S not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\stAKWR0Y3U not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\stBBYTWG6Q not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\st[9] not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ttjLAFQ7NTW.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OILJDUKP\ttV6W7UDE8.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ad[9].gif moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\afr[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\beacon[2].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\beacon[3].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ddc[3].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\emily[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ff2[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\filter[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\if6IHB6RSP.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ifCAZH2ANU.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ifDT95H9O1.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ifGE9HR4B1.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ifK3GB9CJI.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ifQKS9M79O.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\iframe3[3].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\iframe3[4].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ifRJ1KK9SC.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ifTP40I2Z2.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ifXX94R9AU.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\likeM9TZU4O4.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\like[10].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\like[3].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\like[4].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\like[5].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\like[6].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\like[7].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\like[8].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\like[9].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\NY6YLQHN.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\p-01-0VIaSjnOLg4H2CS112.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\p-01-0VIaSjnOLgDYBFTXTZ.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\p-01-0VIaSjnOLgYVGZ1MHV.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\pd[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\pd[2].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\st22ZLBRK1 not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\stVZW2K1VG not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\st[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\tag[2].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ttGIXJ4D16.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ttj102A9I1O.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ttj337TJPYC.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ttjHA4OLDH6.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ttjHB71TJB1.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ttjHY9KBFXH.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ttjI915XN15.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\ttjKWZ9K3C7.js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\TXT[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\t[1].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\t[2].js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\usermatch[2].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MZHKLXYF\vj[2].js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\ad-300BottomRight[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\ad-casc-300-tier-1[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\adC4A2W1H0.gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\adRFAJNS05.gif moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\if89KYIZMA.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\ifBIRE51Q3.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\ifQH4J5J9Y.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\ifTD32XJ0F.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\O7LXr9xX8mQ[1].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLg41FNNQ35.gif moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLgAGAF9YAR.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLgC29CKWC2.gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLgDTE6ZO9M.gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLgKPWT8CJ8.gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLgNMEP2RFP.gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLg[10].gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLg[6].gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLg[8].gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\p-01-0VIaSjnOLg[9].gif moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\pd[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\st[1].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\t[1].js moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\t[2].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\vj[3].js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXS45N2J\W06CZZSW.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IJ369DWX\cs[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IJ369DWX\ff2[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IJ369DWX\s[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I34SFCQC\ba[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I34SFCQC\ff2[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I34SFCQC\p-01-0VIaSjnOLgVRPBE3OD.gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I34SFCQC\xd_arbiter[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ad455540IO.gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\AdDisplayTrackerServlet[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ad[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\afr[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\dazS1PrQQuCxC3iOAJFEJTqR_3kx9_hJXbbyU8S6IN0[1].woff moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\html[5].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\if02JAWPSJ.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\if1WSFSU8G.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\if5YPRLF6F.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifA2J909FF.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifBFSC7QDJ.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifN9WUZ123.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifNOPLOEZL.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifNR4GMY7T.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifP622ZX10.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifUTRRBQ8F.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifVXRIYAVZ.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifYSFSHXRL.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifZ5BX8NXO.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ifZIAUZU8A.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\p-01-0VIaSjnOLg2ZAGF8I3.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\p-01-0VIaSjnOLgKBRDZBX8.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\p-01-0VIaSjnOLgKZ7ZZDPP.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\p-01-0VIaSjnOLgUFRFWHNA.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\p-01-0VIaSjnOLgXH5KCZCX.gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\ping[7].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\PRmiXeptR36kaC0GEAetxjqR_3kx9_hJXbbyU8S6IN0[1].woff moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\t[1].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\vj[2].js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\weird-questions[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHKQKCWM\xjAJXh38I15wypJXxuGMBobN6UDyHWBl620a-IRfuBk[1].woff moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1T3XZIV\if3MCDFMIY.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1T3XZIV\ifMSSUS6DA.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1T3XZIV\ifZX28PCUK.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1T3XZIV\showad[4].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1T3XZIV\st[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\11537[1].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\11538[1].js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ad-300TopLeft[1].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ad-300TopRight[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ad-casc-300-tier-1[1].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\AdDisplayTrackerServlet[7].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\adRULKCW15.gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\dazS1PrQQuCxC3iOAJFEJR_xHqYgAV9Bl_ZQbYUxnQU[1].woff moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\if31I9ZTB2.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ifDF9ITHJP.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ifIHZ0ENHA.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ifM3O97ZQA.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ifP6KBG4OF.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\iframe3[8].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ifS4ES61GV.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ifXKKNP93J.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ifYZXEYRR2.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\i[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\like[7].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\like[8].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\p-01-0VIaSjnOLg2XRQ1MSR.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\p-01-0VIaSjnOLg2YJTZZ1V.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\p-01-0VIaSjnOLg3H2PQ3TZ.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\p-01-0VIaSjnOLgCMQVZX8A.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\p-01-0VIaSjnOLgEC4W8R8J.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\p-01-0VIaSjnOLgOQW78YRL.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\p-01-0VIaSjnOLgQ3L91KKY.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\p-01-0VIaSjnOLgRIBEORE1.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\p-01-0VIaSjnOLgYZGHHXV9.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\pd[2].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\pixel[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\stK1RFJZ41 not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ttj0Q310ZJ8.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ttjKVWC0FKW.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ttjLSFD0N90.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ttjQMO3XET8.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\ttjRYD7RVCD.js not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\usermatch[4].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSGILBC8\y7lebkjgREBJK96VQi37ZobN6UDyHWBl620a-IRfuBk[1].woff moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\AdDisplayTrackerServlet[6].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\AdDisplayTrackerServlet[7].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\ads[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\afr[3].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\beacon[2].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\CDD36BDD2702155B52BAE8825BCD0CB3.cache[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\click[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\containertag[1].js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\f[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\getSegment[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\hub[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\hub[2].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\load[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\match[3].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\p-01-0VIaSjnOLgB0FE3ILM.gif moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\p-01-0VIaSjnOLg[4].gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\p-01-0VIaSjnOLg[5].gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\pixel[2].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\pixel[4].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\s2[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\sb[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\sb[2].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\st[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\st[3] not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\tt4RWZ4OVS.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\ttj1T74IIVL.js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\ttj8GAT1X9V.js moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\ttJ93YBS0K.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\ttjCGDRALJY.js moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\ttW5Q6BPZD.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\usermatch[3].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\usermatch[6].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0DRVKN4\vj[3].js not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ad-casc-728-tier-1[2].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\AdDisplayTrackerServlet7Q4F1TQ9.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\AdDisplayTrackerServletDAIOF33W.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\AdDisplayTrackerServlet[6].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ad[4].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ad[7].gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ad[8].gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\afr[9].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\BG54B9N2.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\cs[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\display[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\emily[2].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\emily[3].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\emily[4].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ev[1] moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\groupm[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\html[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\html[3].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\if04PVB5M5.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\if63R58XBO.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\if8UZBQLB9.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\if9J6239C9.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ifN0A4S5KL.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ifP6O9Y3M9.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ifQF0OJL6V.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\iframe3[2].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\iframe3[4].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ifUNZNDN6J.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ifV804RMEJ.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\MDTP6SCB.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\net[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\p-01-0VIaSjnOLg0I9HBUT5.gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\p-01-0VIaSjnOLg[7].gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ping[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\QDSMCULY.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\r2[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\s2[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\sb[2].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\sb[3].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\sb[4].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\search[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\video-20130514-256809[1].mp4 moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\W15LB6FS.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5509N7U8\ZXBW751Z.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\adTag[3].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\adTag[4].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\comments[3].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\Dailymotion.eot[1].veaeea4b850068a67 moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\ifL1DQ265I.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\ifSC0D1SI0.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\p-01-0VIaSjnOLg1UCHUUTH.gif moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\s2[2].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\usermatchGZWLPKPJ.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBQXLY7\visitormatch[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\93JP10N1.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\ad-300BottomRight[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\ad-300TopRight[2].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\adHJDS41FP.gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\engine[5].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\html[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\ifI5VN2JXD.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\info[1].gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM[1].woff moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\p-01-0VIaSjnOLgA14IV6VB.gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\34NQ12B4\We_iSDqttE3etzfdfhuPRVMR8FhBa8rkfAKaPBwAU3s[1].woff moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\2bmg[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\7HWRLEM5.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\84316402_mp4_h264_aac_2[1].dat moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\ad-300BottomLeft[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\ad-300TopRight[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\ad-casc-300-tier-1[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\ad[9].gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\click[2].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\fastbutton[2].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\if4CQS7MQ9.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\ifKYPDP53W.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\ifO0C2LMSY.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\info[1].gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31LUD1GT\usermatch[8].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\3qPfgRJhy_o6IWGjH-pPcw[1].eot moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\ad-casc-300-tier-1[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\ad-casc-300-tier-1[4].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\ad-casc-300-tier-1[6].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\ad-casc-300-tier-1[7].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\ad-casc-728-tier-1[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\AdDisplayTrackerServlet[5].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\ad[9].gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\beacon[4].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\blank[2].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw[1].woff moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\if8U5OVOUI.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\ifBKV74MG7.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\ifI77RPR7S.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\p-01-0VIaSjnOLg913DYU9J.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\p-01-0VIaSjnOLgZX6CY3D5.gif not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\pd[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\px[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\s2[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\tt0XMTQV4T.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\video-20140112-536269[1].dat moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\videos[1].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\x1e5e3f[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3099QHCC\zrt_lookup[1].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ac[1].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ac[2].htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ad-300TopRight[1].htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ad-casc-300-tier-1[3].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ad-casc-300-tier-1[4].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ad-casc-728-tier-1[1].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\AdDisplayTrackerServlet[8].htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\AdDisplayTrackerServlet[9].htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\if8L01O4EF.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ifAHPPJHEU.htm not found!C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ifB7HUD5J1.htm moved successfully.C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ifE58LJ525.htm moved successfully.File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ifRUXOML0Y.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ifS6A9XOM5.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ifWLXUZV0U.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ifYT994NWK.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\p-01-0VIaSjnOLg02US9AMC.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\p-01-0VIaSjnOLg1RUC5O57.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\p-01-0VIaSjnOLgDB4XIFVH.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\p-01-0VIaSjnOLgEDC3LS3Y.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\p-01-0VIaSjnOLgKXTY9NQ7.gif not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\ttAOQ12NJ6.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\usermatchQPFO88MW.htm not found!File\Folder C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\26WOO3KX\VFN925Q2.htm not found!File move failed. C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot... Link to post Share on other sites
Recommended Posts