So if i type 48963yhg34 it will say Search the Web (privitize) Search
HELP: INFECTED BADLY [Closed]
Started by
Asentrik
, Apr 02 2013 06:48 PM
-
This topic is locked
#16
Posted 03 April 2013 - 11:28 PM
Asentrik
- Topic Starter
-
- Member
-
- 19 posts
Member
So if i type 48963yhg34 it will say Search the Web (privitize) Search
#17
Posted 03 April 2013 - 11:38 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
Hello Asentrik
I would like you to rerun OTL for me and send me the fresh scan for me.
Run New OTL Scan
Gringo
I would like you to rerun OTL for me and send me the fresh scan for me.
Run New OTL Scan
- Double click on OTL.exe to run it.
- Under Output, ensure that Minimal Output is selected.
- Under Extra Registry section, select Use SafeList.
- Click the Scan All Users checkbox.
- Click on Run Scan at the top left hand corner.
- When done, two Notepad files will open.
- OTL.txt <-- Will be opened and the that I need posted back here
- Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
- Please post the contents of OTL.txt in your next reply.
Gringo
#18
Posted 04 April 2013 - 12:15 AM
Asentrik
- Topic Starter
-
- Member
-
- 19 posts
Member
I've been running the scan for about 5 minutes it should be done soon.
#19
Posted 04 April 2013 - 12:19 AM
Asentrik
- Topic Starter
-
- Member
-
- 19 posts
Member
OTL logfile created on: 4/4/2013 01:06:57 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.75 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 24.22% Memory free
7.50 Gb Paging File | 4.52 Gb Available in Paging File | 60.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 316.60 Gb Total Space | 3.47 Gb Free Space | 1.09% Space Free | Partition Type: NTFS
Computer Name: TOUCH-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Home\Desktop\aswMBR.exe (AVAST Software)
PRC - C:\Users\Home\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
PRC - C:\Users\Home\Desktop\All\ProjSkype\skype55_59_deobfuscated\skype59_patched.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Icecast2 Win32\icecastService.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll ()
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\libglesv2.dll ()
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\libegl.dll ()
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll ()
MOD - C:\Windows\SysWOW64\PrxerNsp.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\cximagecrt.dll ()
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll ()
MOD - C:\Program Files (x86)\CyberLink\PowerDVD DX\CLFormatDetector.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (wfcs) -- C:\Program Files\Windows Firewall Control\wfcs.exe (BiniSoft.org)
SRV:64bit: - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV:64bit: - (NIHardwareService) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
SRV - (hshld) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (wampmysqld) -- c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe ()
SRV - (wampapache) -- c:\wamp\bin\apache\Apache2.2.21\bin\httpd.exe (Apache Software Foundation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Icecast-trunk) -- C:\Program Files (x86)\Icecast2 Win32\icecastService.exe ()
SRV - (Visual Studio Analyzer RPC bridge) -- C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (KeyScrambler) -- C:\Windows\SysNative\drivers\keyscrambler.sys (QFX Software Corporation)
DRV:64bit: - (taphss6) -- C:\Windows\SysNative\drivers\taphss6.sys (Anchorfree Inc.)
DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) -- C:\Windows\SysNative\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (CV2K1) -- C:\Windows\SysNative\drivers\cv2k1.sys (TamoSoft)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (HssDRV6) -- C:\Windows\SysNative\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (tapoas) -- C:\Windows\SysNative\drivers\tapoas.sys (The OpenVPN Project)
DRV:64bit: - (TsVp) -- C:\Windows\SysNative\drivers\tsvp.sys (TamoSoft)
DRV:64bit: - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV:64bit: - (mozyFilter) -- C:\Windows\SysNative\drivers\mozy.sys (Mozy, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HssDrv) -- C:\Windows\SysNative\drivers\HssDrv.sys (AnchorFree Inc.)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (TsVlb) -- C:\Windows\SysNative\drivers\tsvlb.sys (TamoSoft)
DRV:64bit: - (CVPNDRVA) -- C:\Windows\SysNative\drivers\CVPNDRVA.sys ()
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (msloop) -- C:\Windows\SysNative\drivers\loop.sys (Microsoft Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (nvamacpi) -- C:\Windows\SysNative\drivers\nvamacpi.sys (NVIDIA Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (VCSVADHWSer) -- C:\Windows\SysNative\drivers\vcsvad.sys (Avnex)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV - ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl (CyberLink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (LENDIG) -- C:\Windows\LENDIG.sys ()
DRV - (Winsock) -- C:\Windows\SysWow64\WINSOCK.SRG ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 9221036
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 9F 07 0C 59 2C CD 01 [binary data]
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}: "URL" = http://ib.startnow.c...eferrer:source}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\SearchScopes\{65C466CC-786F-414C-AC05-DC95D5A03175}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 9F 07 0C 59 2C CD 01 [binary data]
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes,DefaultScope = {65C466CC-786F-414C-AC05-DC95D5A03175}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}: "URL" = http://ib.startnow.c...eferrer:source}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{65C466CC-786F-414C-AC05-DC95D5A03175}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{83B5DC4E-8B4C-4CD3-A48A-5FD9F95CC34F}: "URL" = http://websearch.ask...4A-971987119EA4
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...q={searchTerms}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80677&lng=en
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{C138E836-7A11-45FB-BFBC-6E8DA804570A}: "URL" = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..extensions.enabledAddons: afurladvisor%40anchorfree.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Windows\Downloaded Program Files\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Home\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/08/09 20:30:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/08 01:04:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/08 01:04:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2012/03/25 10:24:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Extensions
[2011/01/31 22:27:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions
[2011/01/31 22:27:59 | 000,000,000 | ---D | M] (XfireXO) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2013/04/03 22:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\l18miaid.default\extensions
[2013/02/16 06:26:57 | 000,204,940 | ---- | M] () (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\l18miaid.default\extensions\[email protected]
[2012/04/15 16:55:32 | 000,004,546 | ---- | M] () (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\l18miaid.default\extensions\[email protected]
[2013/04/02 21:50:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\[email protected]
[2013/03/08 01:04:52 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/28 10:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/09/06 16:37:53 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/02/20 06:47:14 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Search The Web (privitize) (Enabled)
CHR - default_search_provider: search_url = http://searchou.com/...00000ff6d68bda8
CHR - default_search_provider: suggest_url =
CHR - homepage: https://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Home\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Free Realms Installer (Enabled) = C:\Windows\Downloaded Program Files\npsoe.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10516.0\npctrl.dll
CHR - Extension: Adblock Plus = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Crackle = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.7_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: Abstract-Blue = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.0_0\
O1 HOSTS File: ([2013/04/03 14:59:57 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\Toolbar\WebBrowser: (no name) - {30AA252E-B1DF-4AA2-9C5E-194C67A7C623} - No CLSID value found.
O3 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\Toolbar\WebBrowser: (no name) - {30AA252E-B1DF-4AA2-9C5E-194C67A7C623} - No CLSID value found.
O3 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk ()
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [Clownfish] C:\Program Files (x86)\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [Proxifier] c:\program files (x86)\proxifier\proxifier.exe (Initex)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r File not found
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [uTorrent] C:\Users\Home\Downloads\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [Clownfish] C:\Program Files (x86)\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [MurGee.com Auto Clicker] C:\Program Files (x86)\Auto Clicker\AutoClicker.exe :silent File not found
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [uTorrent] C:\Users\Home\Downloads\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\RunOnce: [Report] C:\AdwCleaner[S2].txt ()
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKLM..\RunOnce\Setup: [Configuring Data Access Components] C:\Windows\SysWOW64\odbcconf.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Home\Documents\Startup\Dropbox.lnk = C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\PrxerNsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freer...ller.cab?v=1054 (SonyOnlineInstallerX)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} https://a248.e.akama...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 10.5.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.21.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D68BDA8-556C-4F96-B5C2-C69D3E49446C}: DhcpNameServer = 10.2.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78B3C496-7BF3-40B9-B0D9-216202DEA90E}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F1685DD-9669-4EBA-ADD2-120338D4DA6B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7B971B5-A392-424F-85A9-FE0BFDB94422}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3EABA83-73B3-49EA-BFB3-27EA048C2BD6}: DhcpNameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WB: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/03 23:39:44 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Home\Desktop\aswMBR.exe
[2013/04/03 22:48:02 | 000,551,246 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Home\Desktop\JRT.exe
[2013/04/03 15:00:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/04/03 14:54:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/04/03 14:39:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/04/03 14:39:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/04/03 14:39:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/04/03 14:39:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/03 14:39:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/04/03 14:38:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/03 14:37:51 | 005,046,606 | R--- | C] (Swearware) -- C:\Users\Home\Desktop\ComboFix.exe
[2013/04/02 21:47:59 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\LOGS
[2013/04/02 19:30:45 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\VCCLSID.exe
[2013/04/02 19:30:45 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe
[2013/04/02 19:30:45 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\VACFix.exe
[2013/04/02 19:30:45 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.exe
[2013/04/02 19:30:45 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe
[2013/04/02 19:30:45 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\404Fix.exe
[2013/04/02 19:30:45 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe
[2013/04/02 19:30:45 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe
[2013/04/02 19:30:45 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe
[2013/04/02 17:59:55 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/02 17:59:55 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/04/02 17:59:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/04/02 17:59:55 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/04/02 17:59:55 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/04/02 17:59:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/04/02 17:59:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/04/02 17:59:55 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/04/02 17:59:55 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/04/02 17:59:55 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/04/02 17:59:55 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/04/02 17:59:55 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/04/02 17:59:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/04/02 17:59:55 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/04/02 17:59:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/04/02 17:59:55 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/04/02 17:59:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/02 17:59:55 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/04/02 17:59:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/04/02 17:59:55 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/04/02 17:59:54 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/04/02 17:59:54 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/04/02 17:59:54 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/04/02 17:59:54 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/04/02 17:59:54 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/04/02 17:59:54 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/04/02 17:59:54 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/04/02 17:59:54 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/04/02 17:59:54 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/04/02 17:59:54 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/04/02 17:59:54 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/04/02 17:59:54 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/04/02 17:59:54 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/04/02 17:59:54 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/04/02 17:59:54 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/04/02 17:59:54 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/04/02 17:59:54 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/04/02 17:59:54 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/04/02 17:59:54 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/04/02 17:59:54 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/04/02 17:59:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/04/02 17:59:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/04/02 17:59:54 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/04/02 17:59:54 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/04/02 17:59:54 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/04/02 17:59:54 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/04/02 17:59:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/04/02 17:59:54 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/04/02 17:59:54 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/04/02 17:59:54 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/04/02 17:59:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/04/02 17:59:54 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/04/02 17:59:54 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/04/02 17:59:54 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/04/02 17:59:54 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/04/02 17:59:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/04/02 17:59:54 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/04/02 17:59:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/04/02 17:59:54 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/04/02 17:59:54 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/04/02 17:59:54 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/04/02 17:59:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/04/02 17:59:54 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/04/02 17:59:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/04/02 17:59:54 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/04/02 17:59:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/04/02 17:59:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/04/02 17:59:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/04/02 17:57:46 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/04/02 17:57:46 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/04/02 17:57:46 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/04/02 17:57:46 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/04/02 17:57:46 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/04/02 17:57:46 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/04/02 17:57:46 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/04/02 17:57:46 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/04/02 17:57:46 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/04/02 17:57:46 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/04/02 17:57:46 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/04/02 17:57:46 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/04/02 17:57:46 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/04/02 17:57:46 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/04/02 17:57:46 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/04/02 17:57:46 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/04/02 17:57:46 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/04/02 17:57:46 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/04/02 17:57:46 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/04/02 17:57:46 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/04/02 17:57:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/04/02 17:57:46 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/04/02 17:57:46 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/04/02 17:57:46 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 17:57:46 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 17:57:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 17:57:46 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 13:12:36 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\ElevatedDiagnostics
[2013/04/02 12:45:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2013/04/02 12:26:40 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/04/02 12:26:26 | 000,000,000 | ---D | C] -- C:\JRT
[2013/04/02 02:09:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/04/02 01:57:32 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\rkill
[2013/04/01 22:49:25 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\RK_Quarantine
[2013/03/31 15:22:32 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\website
[2013/03/29 03:01:49 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013/03/28 18:14:25 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\dnb [bleep]
[2013/03/26 22:11:57 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Users\Home\Desktop\hackscrape.EXE
[2013/03/26 02:35:20 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Users\Home\Desktop\horsespam2.EXE
[2013/03/26 00:46:33 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Zephex
[2013/03/24 04:23:28 | 000,000,000 | ---D | C] -- C:\[bleep]
[2013/03/24 04:00:47 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\gnupg
[2013/03/24 04:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\GNU
[2013/03/24 03:41:39 | 000,231,376 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013/03/21 22:49:15 | 000,000,000 | ---D | C] -- C:\Cookiesvampirefreaks.com
[2013/03/21 20:53:55 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\test
[2013/03/20 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\AESIS OpenSrc
[2013/03/20 21:34:50 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\VPNium
[2013/03/20 21:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNium
[2013/03/20 21:34:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VPNium
[2013/03/20 17:02:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/16 01:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOVE
[2013/03/16 01:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOVE
[2013/03/15 23:54:29 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\My RAT
[2013/03/15 04:58:38 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Process Hacker 2
[2013/03/15 04:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2013/03/15 04:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2
[2013/03/15 04:56:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\QFX Software
[2013/03/15 04:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2013/03/15 04:56:13 | 000,221,720 | ---- | C] (QFX Software Corporation) -- C:\Windows\SysNative\drivers\keyscrambler.sys
[2013/03/15 04:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013/03/15 04:56:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyScrambler
[2013/03/15 04:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DarkComet RAT Remover
[2013/03/15 04:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhrozenSoft
[2013/03/15 04:20:01 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\darkcomet remover
[2013/03/15 00:24:45 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\aPjaReoYXLwYuHVDUG
[2013/03/14 22:19:16 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\HSSS
[2013/03/14 22:09:36 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\X-Chat 2
[2013/03/14 22:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XChat
[2013/03/14 22:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xchat
[2013/03/14 22:06:44 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Hotspot Shield
[2013/03/13 22:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hide IP
[2013/03/13 22:54:35 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Super Hide IP v3.0.6.8 + Crack [broadway24™]
[2013/03/13 22:23:40 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\join.me
[2013/03/13 03:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 03:03:01 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2013/03/13 03:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/13 03:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/12 02:50:29 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Garena
[2013/03/09 01:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
[2013/03/09 01:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2013/03/09 00:35:11 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Massive 1.3 Sounds
[2013/03/08 01:04:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/06 13:53:38 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Vengeance.Essential.Dubstep.Vol.1.WAV-Samples
[2012/08/07 21:45:27 | 016,956,856 | ---- | C] (PremiumSoft CyberTech Ltd. ) -- C:\Users\Home\AppData\Roaming\navicat100_mysql_en.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/04/04 00:51:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/04 00:35:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/04 00:30:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394970204-3036101845-2700764691-1001UA.job
[2013/04/04 00:23:37 | 000,000,512 | ---- | M] () -- C:\Users\Home\Desktop\MBR.dat
[2013/04/03 23:41:15 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Home\Desktop\aswMBR.exe
[2013/04/03 22:48:15 | 000,551,246 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Home\Desktop\JRT.exe
[2013/04/03 22:01:11 | 002,396,512 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/03 22:01:11 | 000,710,826 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/03 22:01:11 | 000,006,672 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/03 19:10:05 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Home.job
[2013/04/03 16:30:02 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394970204-3036101845-2700764691-1001Core.job
[2013/04/03 15:19:20 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/03 15:19:20 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/03 15:12:04 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Home.job
[2013/04/03 15:10:52 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/03 15:10:50 | 000,131,072 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/04/03 15:10:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/03 15:10:34 | 3019,296,768 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/03 14:59:57 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/04/03 14:38:30 | 005,046,606 | R--- | M] (Swearware) -- C:\Users\Home\Desktop\ComboFix.exe
[2013/04/02 21:54:12 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Home.job
[2013/04/02 21:52:27 | 000,791,040 | ---- | M] () -- C:\Users\Home\Desktop\RogueKillerX64.exe
[2013/04/02 21:48:54 | 000,613,083 | ---- | M] () -- C:\Users\Home\Desktop\AdwCleaner.exe
[2013/04/02 19:34:34 | 000,003,624 | ---- | M] () -- C:\Windows\SysWow64\tmp.reg
[2013/04/02 19:32:45 | 000,000,035 | ---- | M] () -- C:\Users\Home\AppData\Roaming\SetValue.bat
[2013/04/02 17:59:55 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/02 17:59:55 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/04/02 17:59:55 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/04/02 17:59:55 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/04/02 17:59:55 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/04/02 17:59:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/04/02 17:59:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/04/02 17:59:55 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/04/02 17:59:55 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/04/02 17:59:55 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/04/02 17:59:55 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/04/02 17:59:55 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/04/02 17:59:55 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/04/02 17:59:55 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/04/02 17:59:55 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/04/02 17:59:55 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/04/02 17:59:55 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/02 17:59:55 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/04/02 17:59:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/04/02 17:59:55 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/04/02 17:59:54 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/04/02 17:59:54 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/04/02 17:59:54 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/04/02 17:59:54 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/04/02 17:59:54 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/04/02 17:59:54 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/04/02 17:59:54 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/04/02 17:59:54 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/04/02 17:59:54 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/04/02 17:59:54 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/04/02 17:59:54 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/04/02 17:59:54 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/04/02 17:59:54 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/04/02 17:59:54 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/04/02 17:59:54 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/04/02 17:59:54 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/04/02 17:59:54 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/04/02 17:59:54 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/04/02 17:59:54 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/04/02 17:59:54 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/04/02 17:59:54 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/04/02 17:59:54 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/04/02 17:59:54 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/04/02 17:59:54 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/04/02 17:59:54 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/04/02 17:59:54 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/04/02 17:59:54 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/04/02 17:59:54 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/04/02 17:59:54 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/04/02 17:59:54 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/04/02 17:59:54 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/04/02 17:59:54 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/04/02 17:59:54 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/04/02 17:59:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/04/02 17:59:54 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/04/02 17:59:54 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/04/02 17:59:54 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/04/02 17:59:54 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/04/02 17:59:54 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/04/02 17:59:54 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/04/02 17:59:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/04/02 17:59:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/04/02 17:59:54 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/04/02 17:59:54 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/04/02 17:59:54 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/04/02 17:59:54 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/02 17:59:54 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/04/02 17:59:54 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/04/02 17:59:54 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/04/02 17:59:54 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/04/02 17:57:46 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/04/02 17:57:46 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/04/02 17:57:46 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/04/02 17:57:46 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/04/02 17:57:46 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/04/02 17:57:46 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/04/02 17:57:46 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/04/02 17:57:46 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/04/02 17:57:46 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/04/02 17:57:46 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/04/02 17:57:46 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/04/02 17:57:46 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/04/02 17:57:46 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/04/02 17:57:46 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/04/02 17:57:46 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/04/02 17:57:46 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/04/02 17:57:46 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/04/02 17:57:46 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/04/02 17:57:46 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/04/02 17:57:46 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/04/02 17:57:46 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/04/02 17:57:46 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/04/02 17:57:46 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/04/02 17:57:46 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 17:57:46 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 17:57:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 17:57:46 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 12:45:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2013/04/01 22:51:10 | 000,001,016 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130402-122357.backup
[2013/04/01 22:48:31 | 000,890,798 | ---- | M] () -- C:\Users\Home\Desktop\SecurityCheck.exe
[2013/04/01 20:58:42 | 000,021,359 | ---- | M] () -- C:\Users\Home\Documents\Wolfattackrecords.png
[2013/04/01 20:58:41 | 000,000,132 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/04/01 20:58:34 | 000,242,826 | ---- | M] () -- C:\Users\Home\Documents\Wolfattackrecords.psd
[2013/04/01 16:02:01 | 001,275,737 | ---- | M] () -- C:\Users\Home\Desktop\839B5198-962A-448A-A7E4-BCCCE28103B9.jpg
[2013/03/29 18:42:02 | 000,002,952 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013/03/29 11:45:50 | 006,488,710 | ---- | M] () -- C:\Users\Home\Desktop\Synchronize 2.mp3
[2013/03/28 12:08:08 | 006,488,710 | ---- | M] () -- C:\Users\Home\Desktop\Synchronize.mp3
[2013/03/28 12:00:08 | 000,356,680 | ---- | M] () -- C:\Users\Home\Desktop\bassstorm.png
[2013/03/28 12:00:02 | 003,059,727 | ---- | M] () -- C:\Users\Home\Desktop\bassstorm.psd
[2013/03/26 22:16:58 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Users\Home\Desktop\hackscrape.EXE
[2013/03/26 19:54:43 | 000,001,062 | ---- | M] () -- C:\Users\Home\Documents\Startup\Dropbox.lnk
[2013/03/26 02:35:56 | 000,588,288 | ---- | M] (Microsoft Corporation) -- C:\Users\Home\Desktop\horsespam2.EXE
[2013/03/25 00:49:01 | 000,000,065 | ---- | M] () -- C:\Users\Home\Desktop\config.ini
[2013/03/25 00:46:13 | 000,379,655 | ---- | M] () -- C:\Users\Home\Desktop\beard.exe
[2013/03/24 03:41:39 | 000,231,376 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013/03/23 23:54:01 | 000,073,020 | ---- | M] () -- C:\Users\Home\Desktop\ANIME.psd
[2013/03/22 23:11:52 | 002,735,553 | ---- | M] () -- C:\Users\Home\Desktop\Chiefkeef.psd
[2013/03/22 21:57:33 | 003,132,550 | ---- | M] () -- C:\Users\Home\Desktop\TradgiK & SOTW 2013 DnB Mix.mp3
[2013/03/22 05:51:55 | 000,000,001 | ---- | M] () -- C:\Users\Home\random.dat
[2013/03/22 05:46:52 | 000,000,043 | ---- | M] () -- C:\Users\Home\jagex_cl_runescape_LIVE.dat
[2013/03/22 02:58:59 | 005,090,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/22 00:27:19 | 000,014,914 | ---- | M] () -- C:\Users\Home\Desktop\derp.php
[2013/03/22 00:05:18 | 000,101,416 | ---- | M] () -- C:\Users\Home\Desktop\MyriadPro-SemiboldIt.otf
[2013/03/21 15:10:50 | 000,024,779 | ---- | M] () -- C:\Users\Home\Documents\IMG_21032013_151205.png
[2013/03/21 03:00:06 | 000,059,125 | ---- | M] () -- C:\Users\Home\Documents\asian.jpg
[2013/03/21 02:36:22 | 000,001,885 | ---- | M] () -- C:\Users\Home\Desktop\Process Hacker 2.lnk
[2013/03/20 21:34:38 | 000,000,983 | ---- | M] () -- C:\Users\Home\Desktop\VPNium.lnk
[2013/03/16 01:45:14 | 000,000,955 | ---- | M] () -- C:\Users\Home\Desktop\LOVE.lnk
[2013/03/16 00:17:26 | 000,271,872 | ---- | M] (The UPX Team http://upx.sf.net) -- C:\Windows\SysWow64\upx.exe
[2013/03/16 00:02:29 | 000,235,056 | ---- | M] () -- C:\Windows\Discon.wav
[2013/03/16 00:02:29 | 000,087,600 | ---- | M] () -- C:\Windows\comp.wav
[2013/03/16 00:02:29 | 000,068,016 | ---- | M] () -- C:\Windows\Growl.wav
[2013/03/16 00:02:29 | 000,032,304 | ---- | M] () -- C:\Windows\broke.wav
[2013/03/16 00:02:28 | 002,014,348 | ---- | M] () -- C:\Windows\op.wav
[2013/03/16 00:02:28 | 000,412,672 | ---- | M] (JB) -- C:\Windows\SysWow64\vbskpro.ocx
[2013/03/15 04:20:39 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\DarkComet Remover.lnk
[2013/03/14 23:18:40 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2013/03/14 22:09:35 | 000,001,833 | ---- | M] () -- C:\Users\Home\Desktop\XChat.lnk
[2013/03/13 22:54:54 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2013/03/13 22:23:40 | 000,001,061 | ---- | M] () -- C:\Users\Home\Desktop\join.me.lnk
[2013/03/12 23:36:07 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/12 23:36:07 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/10 03:44:40 | 000,000,000 | ---- | M] () -- C:\Users\Home\Documents\ts3_clientui-win32-1351504843-2013-03-10 03_44_40.133000.dmp
[2013/03/09 01:56:11 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Massive.lnk
[2013/03/09 01:55:08 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Service Center.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/04/04 00:23:37 | 000,000,512 | ---- | C] () -- C:\Users\Home\Desktop\MBR.dat
[2013/04/03 14:58:39 | 000,131,072 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2013/04/03 14:39:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/04/03 14:39:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/04/03 14:39:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/04/03 14:39:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/04/03 14:39:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/02 21:52:14 | 000,791,040 | ---- | C] () -- C:\Users\Home\Desktop\RogueKillerX64.exe
[2013/04/02 21:48:36 | 000,613,083 | ---- | C] () -- C:\Users\Home\Desktop\AdwCleaner.exe
[2013/04/02 19:32:45 | 000,000,035 | ---- | C] () -- C:\Users\Home\AppData\Roaming\SetValue.bat
[2013/04/02 19:31:02 | 000,003,624 | ---- | C] () -- C:\Windows\SysWow64\tmp.reg
[2013/04/02 19:30:45 | 000,075,776 | ---- | C] () -- C:\Windows\SysWow64\WS2Fix.exe
[2013/04/02 19:30:45 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\dumphive.exe
[2013/04/02 19:09:46 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Home.job
[2013/04/02 19:09:43 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Home.job
[2013/04/02 19:09:40 | 000,000,362 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Home.job
[2013/04/02 17:59:54 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/02 17:59:54 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/04/02 17:44:14 | 000,002,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
[2013/04/02 17:44:14 | 000,000,913 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk
[2013/04/01 22:48:19 | 000,890,798 | ---- | C] () -- C:\Users\Home\Desktop\SecurityCheck.exe
[2013/04/01 20:58:39 | 000,021,359 | ---- | C] () -- C:\Users\Home\Documents\Wolfattackrecords.png
[2013/04/01 20:58:33 | 000,242,826 | ---- | C] () -- C:\Users\Home\Documents\Wolfattackrecords.psd
[2013/04/01 15:29:19 | 001,275,737 | ---- | C] () -- C:\Users\Home\Desktop\839B5198-962A-448A-A7E4-BCCCE28103B9.jpg
[2013/03/29 11:43:55 | 006,488,710 | ---- | C] () -- C:\Users\Home\Desktop\Synchronize 2.mp3
[2013/03/28 12:00:06 | 000,356,680 | ---- | C] () -- C:\Users\Home\Desktop\bassstorm.png
[2013/03/28 12:00:01 | 003,059,727 | ---- | C] () -- C:\Users\Home\Desktop\bassstorm.psd
[2013/03/28 11:51:32 | 006,488,710 | ---- | C] () -- C:\Users\Home\Desktop\Synchronize.mp3
[2013/03/25 00:49:01 | 000,000,065 | ---- | C] () -- C:\Users\Home\Desktop\config.ini
[2013/03/25 00:43:03 | 000,379,655 | ---- | C] () -- C:\Users\Home\Desktop\beard.exe
[2013/03/23 23:54:00 | 000,073,020 | ---- | C] () -- C:\Users\Home\Desktop\ANIME.psd
[2013/03/22 21:57:00 | 003,132,550 | ---- | C] () -- C:\Users\Home\Desktop\TradgiK & SOTW 2013 DnB Mix.mp3
[2013/03/22 00:27:14 | 000,014,914 | ---- | C] () -- C:\Users\Home\Desktop\derp.php
[2013/03/22 00:09:48 | 002,735,553 | ---- | C] () -- C:\Users\Home\Desktop\Chiefkeef.psd
[2013/03/22 00:05:09 | 000,101,416 | ---- | C] () -- C:\Users\Home\Desktop\MyriadPro-SemiboldIt.otf
[2013/03/21 15:10:34 | 000,024,779 | ---- | C] () -- C:\Users\Home\Documents\IMG_21032013_151205.png
[2013/03/21 02:59:31 | 000,059,125 | ---- | C] () -- C:\Users\Home\Documents\asian.jpg
[2013/03/20 21:34:38 | 000,000,983 | ---- | C] () -- C:\Users\Home\Desktop\VPNium.lnk
[2013/03/16 01:45:14 | 000,000,955 | ---- | C] () -- C:\Users\Home\Desktop\LOVE.lnk
[2013/03/15 04:57:27 | 000,001,885 | ---- | C] () -- C:\Users\Home\Desktop\Process Hacker 2.lnk
[2013/03/15 04:20:39 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\DarkComet Remover.lnk
[2013/03/14 22:09:35 | 000,001,833 | ---- | C] () -- C:\Users\Home\Desktop\XChat.lnk
[2013/03/13 22:54:54 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2013/03/13 22:23:40 | 000,001,061 | ---- | C] () -- C:\Users\Home\Desktop\join.me.lnk
[2013/03/10 03:44:40 | 000,000,000 | ---- | C] () -- C:\Users\Home\Documents\ts3_clientui-win32-1351504843-2013-03-10 03_44_40.133000.dmp
[2013/03/09 01:56:11 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Massive.lnk
[2013/03/09 01:55:08 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Service Center.lnk
[2013/03/03 22:54:47 | 000,207,766 | ---- | C] () -- C:\Users\Home\AppData\Local\debuggee.mdmp
[2013/02/21 20:30:47 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012/12/21 17:30:03 | 000,000,041 | ---- | C] () -- C:\Users\Home\matrix_cl_zenith_LIVE.dat
[2012/12/19 23:18:12 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/12/14 19:04:17 | 000,000,000 | ---- | C] () -- C:\Users\Home\Paradox_runescape_preferences.dat
[2012/12/09 23:49:52 | 000,581,642 | ---- | C] () -- C:\Users\Home\AppData\Roaming\technic-launcher.jar
[2012/11/30 18:20:02 | 000,000,631 | ---- | C] () -- C:\Users\Home\openvpn-connect.json
[2012/11/25 23:05:34 | 000,000,043 | ---- | C] () -- C:\Users\Home\jagex_cl_runescape_LIVE.dat
[2012/11/17 14:07:16 | 000,000,113 | ---- | C] () -- C:\Windows\SysWow64\SVG Drawer.ini
[2012/10/16 21:57:20 | 000,000,045 | ---- | C] () -- C:\Users\Home\jagex_cl_loginapplet_LIVE.dat
[2012/10/16 21:57:20 | 000,000,001 | ---- | C] () -- C:\Users\Home\random.dat
[2012/10/11 16:00:28 | 000,000,000 | ---- | C] () -- C:\Users\Home\jagex__preferences3.dat
[2012/10/11 16:00:25 | 000,000,099 | ---- | C] () -- C:\Users\Home\jagex_Runescape_preferences2.dat
[2012/10/11 16:00:08 | 000,000,046 | ---- | C] () -- C:\Users\Home\jagex_Runescape_preferences.dat
[2012/10/03 20:55:01 | 000,000,159 | ---- | C] () -- C:\Users\Home\AppData\Roaming\net.telestream.producer.xml
[2012/09/26 19:41:40 | 000,601,088 | ---- | C] () -- C:\Users\Home\AppData\Roaming\SharedSettings.ccs
[2012/09/26 18:40:19 | 000,000,104 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2012/07/15 00:28:54 | 000,000,171 | ---- | C] () -- C:\Windows\icecast2.ini
[2012/07/10 08:17:29 | 000,002,952 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/07/07 13:08:33 | 000,001,263 | ---- | C] () -- C:\Program Files (x86)\Spybot - Search & Destroy - Shortcut.lnk
[2012/06/17 19:40:44 | 000,001,456 | ---- | C] () -- C:\Users\Home\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/06/17 19:28:35 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012/06/10 05:25:15 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/05/10 19:23:04 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\minimp3.exe
[2012/04/22 15:29:52 | 000,000,091 | ---- | C] () -- C:\Users\Home\AppData\Local\NWUserDefault.ini
[2012/04/11 23:34:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2012/04/02 17:04:39 | 000,000,185 | ---- | C] () -- C:\Windows\mdm.ini
[2012/04/02 17:04:33 | 000,000,760 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/04/02 17:04:33 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/04/02 15:52:33 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2012/03/25 10:24:56 | 000,005,890 | ---- | C] () -- C:\Windows\wininit.ini
[2012/03/11 12:44:08 | 000,006,656 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/11 11:59:45 | 000,000,600 | ---- | C] () -- C:\Users\Home\AppData\Local\PUTTY.RND
[2012/03/07 20:37:13 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/03/06 23:22:22 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/03/06 23:22:21 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/03/06 23:22:21 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/03/06 16:59:24 | 000,077,517 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012/01/31 22:38:05 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys
[2012/01/30 21:26:09 | 000,001,806 | ---- | C] () -- C:\Windows\TSearch.INI
[2012/01/03 22:04:06 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012/01/01 11:57:51 | 000,000,000 | ---- | C] () -- C:\Users\Home\AppData\Local\{C906B360-2338-4A7F-BBF7-13DE2F40B573}
[2011/12/29 17:58:09 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2011/10/14 21:32:55 | 000,221,179 | ---- | C] () -- C:\Users\Home\AppData\Roaming\UserTile.png
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/08/09 19:47:29 | 000,012,794 | --S- | C] () -- C:\Users\Home\AppData\Local\4kevyrk2a6v3ct6no2nj87x5vb840rrg23v3b5q10dw6tw
[2011/08/09 19:47:29 | 000,012,794 | --S- | C] () -- C:\ProgramData\4kevyrk2a6v3ct6no2nj87x5vb840rrg23v3b5q10dw6tw
[2011/06/29 19:03:02 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/06/09 11:31:57 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/05/18 21:29:50 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/30 21:54:10 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2010/03/21 14:29:48 | 000,007,602 | ---- | C] () -- C:\Users\Home\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:AFC66739
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.75 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 24.22% Memory free
7.50 Gb Paging File | 4.52 Gb Available in Paging File | 60.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 316.60 Gb Total Space | 3.47 Gb Free Space | 1.09% Space Free | Partition Type: NTFS
Computer Name: TOUCH-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Home\Desktop\aswMBR.exe (AVAST Software)
PRC - C:\Users\Home\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
PRC - C:\Users\Home\Desktop\All\ProjSkype\skype55_59_deobfuscated\skype59_patched.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Icecast2 Win32\icecastService.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll ()
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\libglesv2.dll ()
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\libegl.dll ()
MOD - C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll ()
MOD - C:\Windows\SysWOW64\PrxerNsp.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\cximagecrt.dll ()
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll ()
MOD - C:\Program Files (x86)\CyberLink\PowerDVD DX\CLFormatDetector.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (wfcs) -- C:\Program Files\Windows Firewall Control\wfcs.exe (BiniSoft.org)
SRV:64bit: - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV:64bit: - (NIHardwareService) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
SRV - (hshld) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (wampmysqld) -- c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe ()
SRV - (wampapache) -- c:\wamp\bin\apache\Apache2.2.21\bin\httpd.exe (Apache Software Foundation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Icecast-trunk) -- C:\Program Files (x86)\Icecast2 Win32\icecastService.exe ()
SRV - (Visual Studio Analyzer RPC bridge) -- C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\VARPC.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (KeyScrambler) -- C:\Windows\SysNative\drivers\keyscrambler.sys (QFX Software Corporation)
DRV:64bit: - (taphss6) -- C:\Windows\SysNative\drivers\taphss6.sys (Anchorfree Inc.)
DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) -- C:\Windows\SysNative\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (CV2K1) -- C:\Windows\SysNative\drivers\cv2k1.sys (TamoSoft)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (HssDRV6) -- C:\Windows\SysNative\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (tapoas) -- C:\Windows\SysNative\drivers\tapoas.sys (The OpenVPN Project)
DRV:64bit: - (TsVp) -- C:\Windows\SysNative\drivers\tsvp.sys (TamoSoft)
DRV:64bit: - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV:64bit: - (mozyFilter) -- C:\Windows\SysNative\drivers\mozy.sys (Mozy, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HssDrv) -- C:\Windows\SysNative\drivers\HssDrv.sys (AnchorFree Inc.)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (TsVlb) -- C:\Windows\SysNative\drivers\tsvlb.sys (TamoSoft)
DRV:64bit: - (CVPNDRVA) -- C:\Windows\SysNative\drivers\CVPNDRVA.sys ()
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (msloop) -- C:\Windows\SysNative\drivers\loop.sys (Microsoft Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (nvamacpi) -- C:\Windows\SysNative\drivers\nvamacpi.sys (NVIDIA Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (VCSVADHWSer) -- C:\Windows\SysNative\drivers\vcsvad.sys (Avnex)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV - ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl (CyberLink Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (LENDIG) -- C:\Windows\LENDIG.sys ()
DRV - (Winsock) -- C:\Windows\SysWow64\WINSOCK.SRG ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 9221036
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 9F 07 0C 59 2C CD 01 [binary data]
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}: "URL" = http://ib.startnow.c...eferrer:source}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\SearchScopes\{65C466CC-786F-414C-AC05-DC95D5A03175}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 9F 07 0C 59 2C CD 01 [binary data]
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes,DefaultScope = {65C466CC-786F-414C-AC05-DC95D5A03175}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}: "URL" = http://ib.startnow.c...eferrer:source}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{65C466CC-786F-414C-AC05-DC95D5A03175}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{83B5DC4E-8B4C-4CD3-A48A-5FD9F95CC34F}: "URL" = http://websearch.ask...4A-971987119EA4
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...q={searchTerms}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80677&lng=en
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{C138E836-7A11-45FB-BFBC-6E8DA804570A}: "URL" = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..extensions.enabledAddons: afurladvisor%40anchorfree.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Windows\Downloaded Program Files\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Home\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Home\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/08/09 20:30:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/08 01:04:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/08 01:04:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2012/03/25 10:24:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Extensions
[2011/01/31 22:27:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions
[2011/01/31 22:27:59 | 000,000,000 | ---D | M] (XfireXO) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2013/04/03 22:59:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\l18miaid.default\extensions
[2013/02/16 06:26:57 | 000,204,940 | ---- | M] () (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\l18miaid.default\extensions\[email protected]
[2012/04/15 16:55:32 | 000,004,546 | ---- | M] () (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\l18miaid.default\extensions\[email protected]
[2013/04/02 21:50:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\[email protected]
[2013/03/08 01:04:52 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/28 10:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/09/06 16:37:53 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/02/20 06:47:14 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Search The Web (privitize) (Enabled)
CHR - default_search_provider: search_url = http://searchou.com/...00000ff6d68bda8
CHR - default_search_provider: suggest_url =
CHR - homepage: https://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Home\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Home\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Home\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Free Realms Installer (Enabled) = C:\Windows\Downloaded Program Files\npsoe.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10516.0\npctrl.dll
CHR - Extension: Adblock Plus = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Crackle = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.7_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: Abstract-Blue = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.0_0\
O1 HOSTS File: ([2013/04/03 14:59:57 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\Toolbar\WebBrowser: (no name) - {30AA252E-B1DF-4AA2-9C5E-194C67A7C623} - No CLSID value found.
O3 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\Toolbar\WebBrowser: (no name) - {30AA252E-B1DF-4AA2-9C5E-194C67A7C623} - No CLSID value found.
O3 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk ()
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [Clownfish] C:\Program Files (x86)\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [Proxifier] c:\program files (x86)\proxifier\proxifier.exe (Initex)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r File not found
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\Run: [uTorrent] C:\Users\Home\Downloads\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [Clownfish] C:\Program Files (x86)\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [MurGee.com Auto Clicker] C:\Program Files (x86)\Auto Clicker\AutoClicker.exe :silent File not found
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\Run: [uTorrent] C:\Users\Home\Downloads\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001..\RunOnce: [Report] C:\AdwCleaner[S2].txt ()
O4 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKLM..\RunOnce\Setup: [Configuring Data Access Components] C:\Windows\SysWOW64\odbcconf.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Home\Documents\Startup\Dropbox.lnk = C:\Users\Home\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Windows\SysNative\PrxerNsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\PrxerDrv.dll (Initex)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freer...ller.cab?v=1054 (SonyOnlineInstallerX)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} https://a248.e.akama...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 10.5.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.21.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D68BDA8-556C-4F96-B5C2-C69D3E49446C}: DhcpNameServer = 10.2.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78B3C496-7BF3-40B9-B0D9-216202DEA90E}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F1685DD-9669-4EBA-ADD2-120338D4DA6B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7B971B5-A392-424F-85A9-FE0BFDB94422}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3EABA83-73B3-49EA-BFB3-27EA048C2BD6}: DhcpNameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WB: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/03 23:39:44 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Home\Desktop\aswMBR.exe
[2013/04/03 22:48:02 | 000,551,246 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Home\Desktop\JRT.exe
[2013/04/03 15:00:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/04/03 14:54:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/04/03 14:39:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/04/03 14:39:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/04/03 14:39:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/04/03 14:39:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/03 14:39:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/04/03 14:38:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/03 14:37:51 | 005,046,606 | R--- | C] (Swearware) -- C:\Users\Home\Desktop\ComboFix.exe
[2013/04/02 21:47:59 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\LOGS
[2013/04/02 19:30:45 | 000,289,144 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\VCCLSID.exe
[2013/04/02 19:30:45 | 000,288,417 | ---- | C] (S!Ri) -- C:\Windows\SysWow64\SrchSTS.exe
[2013/04/02 19:30:45 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\VACFix.exe
[2013/04/02 19:30:45 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.exe
[2013/04/02 19:30:45 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\IEDFix.C.exe
[2013/04/02 19:30:45 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\404Fix.exe
[2013/04/02 19:30:45 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\o4Patch.exe
[2013/04/02 19:30:45 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\Windows\SysWow64\Agent.OMZ.Fix.exe
[2013/04/02 19:30:45 | 000,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\Windows\SysWow64\Process.exe
[2013/04/02 17:59:55 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/02 17:59:55 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/04/02 17:59:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/04/02 17:59:55 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/04/02 17:59:55 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/04/02 17:59:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/04/02 17:59:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/04/02 17:59:55 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/04/02 17:59:55 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/04/02 17:59:55 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/04/02 17:59:55 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/04/02 17:59:55 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/04/02 17:59:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/04/02 17:59:55 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/04/02 17:59:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/04/02 17:59:55 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/04/02 17:59:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/02 17:59:55 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/04/02 17:59:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/04/02 17:59:55 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/04/02 17:59:54 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/04/02 17:59:54 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/04/02 17:59:54 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/04/02 17:59:54 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/04/02 17:59:54 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/04/02 17:59:54 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/04/02 17:59:54 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/04/02 17:59:54 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/04/02 17:59:54 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/04/02 17:59:54 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/04/02 17:59:54 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/04/02 17:59:54 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/04/02 17:59:54 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/04/02 17:59:54 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/04/02 17:59:54 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/04/02 17:59:54 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/04/02 17:59:54 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/04/02 17:59:54 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/04/02 17:59:54 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/04/02 17:59:54 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/04/02 17:59:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/04/02 17:59:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/04/02 17:59:54 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/04/02 17:59:54 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/04/02 17:59:54 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/04/02 17:59:54 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/04/02 17:59:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/04/02 17:59:54 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/04/02 17:59:54 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/04/02 17:59:54 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/04/02 17:59:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/04/02 17:59:54 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/04/02 17:59:54 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/04/02 17:59:54 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/04/02 17:59:54 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/04/02 17:59:54 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/04/02 17:59:54 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/04/02 17:59:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/04/02 17:59:54 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/04/02 17:59:54 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/04/02 17:59:54 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/04/02 17:59:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/04/02 17:59:54 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/04/02 17:59:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/04/02 17:59:54 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/04/02 17:59:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/04/02 17:59:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/04/02 17:59:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/04/02 17:57:46 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/04/02 17:57:46 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/04/02 17:57:46 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/04/02 17:57:46 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/04/02 17:57:46 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/04/02 17:57:46 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/04/02 17:57:46 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/04/02 17:57:46 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/04/02 17:57:46 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/04/02 17:57:46 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/04/02 17:57:46 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/04/02 17:57:46 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/04/02 17:57:46 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/04/02 17:57:46 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/04/02 17:57:46 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/04/02 17:57:46 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/04/02 17:57:46 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/04/02 17:57:46 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/04/02 17:57:46 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/04/02 17:57:46 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/04/02 17:57:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/04/02 17:57:46 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/04/02 17:57:46 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/04/02 17:57:46 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 17:57:46 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 17:57:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 17:57:46 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 13:12:36 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\ElevatedDiagnostics
[2013/04/02 12:45:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2013/04/02 12:26:40 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/04/02 12:26:26 | 000,000,000 | ---D | C] -- C:\JRT
[2013/04/02 02:09:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/04/02 01:57:32 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\rkill
[2013/04/01 22:49:25 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\RK_Quarantine
[2013/03/31 15:22:32 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\website
[2013/03/29 03:01:49 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013/03/28 18:14:25 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\dnb [bleep]
[2013/03/26 22:11:57 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Users\Home\Desktop\hackscrape.EXE
[2013/03/26 02:35:20 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Users\Home\Desktop\horsespam2.EXE
[2013/03/26 00:46:33 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Zephex
[2013/03/24 04:23:28 | 000,000,000 | ---D | C] -- C:\[bleep]
[2013/03/24 04:00:47 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\gnupg
[2013/03/24 04:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\GNU
[2013/03/24 03:41:39 | 000,231,376 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013/03/21 22:49:15 | 000,000,000 | ---D | C] -- C:\Cookiesvampirefreaks.com
[2013/03/21 20:53:55 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\test
[2013/03/20 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\AESIS OpenSrc
[2013/03/20 21:34:50 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\VPNium
[2013/03/20 21:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNium
[2013/03/20 21:34:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VPNium
[2013/03/20 17:02:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/16 01:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOVE
[2013/03/16 01:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOVE
[2013/03/15 23:54:29 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\My RAT
[2013/03/15 04:58:38 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Process Hacker 2
[2013/03/15 04:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2013/03/15 04:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2
[2013/03/15 04:56:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\QFX Software
[2013/03/15 04:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2013/03/15 04:56:13 | 000,221,720 | ---- | C] (QFX Software Corporation) -- C:\Windows\SysNative\drivers\keyscrambler.sys
[2013/03/15 04:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013/03/15 04:56:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyScrambler
[2013/03/15 04:20:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DarkComet RAT Remover
[2013/03/15 04:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhrozenSoft
[2013/03/15 04:20:01 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\darkcomet remover
[2013/03/15 00:24:45 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\aPjaReoYXLwYuHVDUG
[2013/03/14 22:19:16 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\HSSS
[2013/03/14 22:09:36 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\X-Chat 2
[2013/03/14 22:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XChat
[2013/03/14 22:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xchat
[2013/03/14 22:06:44 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Hotspot Shield
[2013/03/13 22:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hide IP
[2013/03/13 22:54:35 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Super Hide IP v3.0.6.8 + Crack [broadway24™]
[2013/03/13 22:23:40 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\join.me
[2013/03/13 03:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 03:03:01 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2013/03/13 03:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/13 03:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/12 02:50:29 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Garena
[2013/03/09 01:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
[2013/03/09 01:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2013/03/09 00:35:11 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Massive 1.3 Sounds
[2013/03/08 01:04:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/06 13:53:38 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Vengeance.Essential.Dubstep.Vol.1.WAV-Samples
[2012/08/07 21:45:27 | 016,956,856 | ---- | C] (PremiumSoft CyberTech Ltd. ) -- C:\Users\Home\AppData\Roaming\navicat100_mysql_en.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/04/04 00:51:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/04 00:35:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/04 00:30:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394970204-3036101845-2700764691-1001UA.job
[2013/04/04 00:23:37 | 000,000,512 | ---- | M] () -- C:\Users\Home\Desktop\MBR.dat
[2013/04/03 23:41:15 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Home\Desktop\aswMBR.exe
[2013/04/03 22:48:15 | 000,551,246 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Home\Desktop\JRT.exe
[2013/04/03 22:01:11 | 002,396,512 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/03 22:01:11 | 000,710,826 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/03 22:01:11 | 000,006,672 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/03 19:10:05 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Home.job
[2013/04/03 16:30:02 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3394970204-3036101845-2700764691-1001Core.job
[2013/04/03 15:19:20 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/03 15:19:20 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/03 15:12:04 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Home.job
[2013/04/03 15:10:52 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/03 15:10:50 | 000,131,072 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/04/03 15:10:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/03 15:10:34 | 3019,296,768 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/03 14:59:57 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/04/03 14:38:30 | 005,046,606 | R--- | M] (Swearware) -- C:\Users\Home\Desktop\ComboFix.exe
[2013/04/02 21:54:12 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Home.job
[2013/04/02 21:52:27 | 000,791,040 | ---- | M] () -- C:\Users\Home\Desktop\RogueKillerX64.exe
[2013/04/02 21:48:54 | 000,613,083 | ---- | M] () -- C:\Users\Home\Desktop\AdwCleaner.exe
[2013/04/02 19:34:34 | 000,003,624 | ---- | M] () -- C:\Windows\SysWow64\tmp.reg
[2013/04/02 19:32:45 | 000,000,035 | ---- | M] () -- C:\Users\Home\AppData\Roaming\SetValue.bat
[2013/04/02 17:59:55 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/02 17:59:55 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/04/02 17:59:55 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/04/02 17:59:55 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/04/02 17:59:55 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/04/02 17:59:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/04/02 17:59:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/04/02 17:59:55 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/04/02 17:59:55 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/04/02 17:59:55 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/04/02 17:59:55 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/04/02 17:59:55 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/04/02 17:59:55 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/04/02 17:59:55 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/04/02 17:59:55 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/04/02 17:59:55 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/04/02 17:59:55 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/02 17:59:55 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/04/02 17:59:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/04/02 17:59:55 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/04/02 17:59:54 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/04/02 17:59:54 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/04/02 17:59:54 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/04/02 17:59:54 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/04/02 17:59:54 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/04/02 17:59:54 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/04/02 17:59:54 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/04/02 17:59:54 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/04/02 17:59:54 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/04/02 17:59:54 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/04/02 17:59:54 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/04/02 17:59:54 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/04/02 17:59:54 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/04/02 17:59:54 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/04/02 17:59:54 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/04/02 17:59:54 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/04/02 17:59:54 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/04/02 17:59:54 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/04/02 17:59:54 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/04/02 17:59:54 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/04/02 17:59:54 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/04/02 17:59:54 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/04/02 17:59:54 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/04/02 17:59:54 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/04/02 17:59:54 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/04/02 17:59:54 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/04/02 17:59:54 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/04/02 17:59:54 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/04/02 17:59:54 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/04/02 17:59:54 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/04/02 17:59:54 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/04/02 17:59:54 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/04/02 17:59:54 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/04/02 17:59:54 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/04/02 17:59:54 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/04/02 17:59:54 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/04/02 17:59:54 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/04/02 17:59:54 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/04/02 17:59:54 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/04/02 17:59:54 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/04/02 17:59:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/04/02 17:59:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/04/02 17:59:54 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/04/02 17:59:54 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/04/02 17:59:54 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/04/02 17:59:54 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/02 17:59:54 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/04/02 17:59:54 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/04/02 17:59:54 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/04/02 17:59:54 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/04/02 17:57:46 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/04/02 17:57:46 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/04/02 17:57:46 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/04/02 17:57:46 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/04/02 17:57:46 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/04/02 17:57:46 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/04/02 17:57:46 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/04/02 17:57:46 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/04/02 17:57:46 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/04/02 17:57:46 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/04/02 17:57:46 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/04/02 17:57:46 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/04/02 17:57:46 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/04/02 17:57:46 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/04/02 17:57:46 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/04/02 17:57:46 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/04/02 17:57:46 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/04/02 17:57:46 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/04/02 17:57:46 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/04/02 17:57:46 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/04/02 17:57:46 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/04/02 17:57:46 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/04/02 17:57:46 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/04/02 17:57:46 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 17:57:46 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 17:57:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/02 17:57:46 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 17:57:46 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/02 12:45:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2013/04/01 22:51:10 | 000,001,016 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130402-122357.backup
[2013/04/01 22:48:31 | 000,890,798 | ---- | M] () -- C:\Users\Home\Desktop\SecurityCheck.exe
[2013/04/01 20:58:42 | 000,021,359 | ---- | M] () -- C:\Users\Home\Documents\Wolfattackrecords.png
[2013/04/01 20:58:41 | 000,000,132 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/04/01 20:58:34 | 000,242,826 | ---- | M] () -- C:\Users\Home\Documents\Wolfattackrecords.psd
[2013/04/01 16:02:01 | 001,275,737 | ---- | M] () -- C:\Users\Home\Desktop\839B5198-962A-448A-A7E4-BCCCE28103B9.jpg
[2013/03/29 18:42:02 | 000,002,952 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013/03/29 11:45:50 | 006,488,710 | ---- | M] () -- C:\Users\Home\Desktop\Synchronize 2.mp3
[2013/03/28 12:08:08 | 006,488,710 | ---- | M] () -- C:\Users\Home\Desktop\Synchronize.mp3
[2013/03/28 12:00:08 | 000,356,680 | ---- | M] () -- C:\Users\Home\Desktop\bassstorm.png
[2013/03/28 12:00:02 | 003,059,727 | ---- | M] () -- C:\Users\Home\Desktop\bassstorm.psd
[2013/03/26 22:16:58 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Users\Home\Desktop\hackscrape.EXE
[2013/03/26 19:54:43 | 000,001,062 | ---- | M] () -- C:\Users\Home\Documents\Startup\Dropbox.lnk
[2013/03/26 02:35:56 | 000,588,288 | ---- | M] (Microsoft Corporation) -- C:\Users\Home\Desktop\horsespam2.EXE
[2013/03/25 00:49:01 | 000,000,065 | ---- | M] () -- C:\Users\Home\Desktop\config.ini
[2013/03/25 00:46:13 | 000,379,655 | ---- | M] () -- C:\Users\Home\Desktop\beard.exe
[2013/03/24 03:41:39 | 000,231,376 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013/03/23 23:54:01 | 000,073,020 | ---- | M] () -- C:\Users\Home\Desktop\ANIME.psd
[2013/03/22 23:11:52 | 002,735,553 | ---- | M] () -- C:\Users\Home\Desktop\Chiefkeef.psd
[2013/03/22 21:57:33 | 003,132,550 | ---- | M] () -- C:\Users\Home\Desktop\TradgiK & SOTW 2013 DnB Mix.mp3
[2013/03/22 05:51:55 | 000,000,001 | ---- | M] () -- C:\Users\Home\random.dat
[2013/03/22 05:46:52 | 000,000,043 | ---- | M] () -- C:\Users\Home\jagex_cl_runescape_LIVE.dat
[2013/03/22 02:58:59 | 005,090,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/03/22 00:27:19 | 000,014,914 | ---- | M] () -- C:\Users\Home\Desktop\derp.php
[2013/03/22 00:05:18 | 000,101,416 | ---- | M] () -- C:\Users\Home\Desktop\MyriadPro-SemiboldIt.otf
[2013/03/21 15:10:50 | 000,024,779 | ---- | M] () -- C:\Users\Home\Documents\IMG_21032013_151205.png
[2013/03/21 03:00:06 | 000,059,125 | ---- | M] () -- C:\Users\Home\Documents\asian.jpg
[2013/03/21 02:36:22 | 000,001,885 | ---- | M] () -- C:\Users\Home\Desktop\Process Hacker 2.lnk
[2013/03/20 21:34:38 | 000,000,983 | ---- | M] () -- C:\Users\Home\Desktop\VPNium.lnk
[2013/03/16 01:45:14 | 000,000,955 | ---- | M] () -- C:\Users\Home\Desktop\LOVE.lnk
[2013/03/16 00:17:26 | 000,271,872 | ---- | M] (The UPX Team http://upx.sf.net) -- C:\Windows\SysWow64\upx.exe
[2013/03/16 00:02:29 | 000,235,056 | ---- | M] () -- C:\Windows\Discon.wav
[2013/03/16 00:02:29 | 000,087,600 | ---- | M] () -- C:\Windows\comp.wav
[2013/03/16 00:02:29 | 000,068,016 | ---- | M] () -- C:\Windows\Growl.wav
[2013/03/16 00:02:29 | 000,032,304 | ---- | M] () -- C:\Windows\broke.wav
[2013/03/16 00:02:28 | 002,014,348 | ---- | M] () -- C:\Windows\op.wav
[2013/03/16 00:02:28 | 000,412,672 | ---- | M] (JB) -- C:\Windows\SysWow64\vbskpro.ocx
[2013/03/15 04:20:39 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\DarkComet Remover.lnk
[2013/03/14 23:18:40 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2013/03/14 22:09:35 | 000,001,833 | ---- | M] () -- C:\Users\Home\Desktop\XChat.lnk
[2013/03/13 22:54:54 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2013/03/13 22:23:40 | 000,001,061 | ---- | M] () -- C:\Users\Home\Desktop\join.me.lnk
[2013/03/12 23:36:07 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/12 23:36:07 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/10 03:44:40 | 000,000,000 | ---- | M] () -- C:\Users\Home\Documents\ts3_clientui-win32-1351504843-2013-03-10 03_44_40.133000.dmp
[2013/03/09 01:56:11 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Massive.lnk
[2013/03/09 01:55:08 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Service Center.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/04/04 00:23:37 | 000,000,512 | ---- | C] () -- C:\Users\Home\Desktop\MBR.dat
[2013/04/03 14:58:39 | 000,131,072 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2013/04/03 14:39:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/04/03 14:39:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/04/03 14:39:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/04/03 14:39:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/04/03 14:39:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/02 21:52:14 | 000,791,040 | ---- | C] () -- C:\Users\Home\Desktop\RogueKillerX64.exe
[2013/04/02 21:48:36 | 000,613,083 | ---- | C] () -- C:\Users\Home\Desktop\AdwCleaner.exe
[2013/04/02 19:32:45 | 000,000,035 | ---- | C] () -- C:\Users\Home\AppData\Roaming\SetValue.bat
[2013/04/02 19:31:02 | 000,003,624 | ---- | C] () -- C:\Windows\SysWow64\tmp.reg
[2013/04/02 19:30:45 | 000,075,776 | ---- | C] () -- C:\Windows\SysWow64\WS2Fix.exe
[2013/04/02 19:30:45 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\dumphive.exe
[2013/04/02 19:09:46 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Home.job
[2013/04/02 19:09:43 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Home.job
[2013/04/02 19:09:40 | 000,000,362 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Home.job
[2013/04/02 17:59:54 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/02 17:59:54 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/04/02 17:44:14 | 000,002,091 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
[2013/04/02 17:44:14 | 000,000,913 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk
[2013/04/01 22:48:19 | 000,890,798 | ---- | C] () -- C:\Users\Home\Desktop\SecurityCheck.exe
[2013/04/01 20:58:39 | 000,021,359 | ---- | C] () -- C:\Users\Home\Documents\Wolfattackrecords.png
[2013/04/01 20:58:33 | 000,242,826 | ---- | C] () -- C:\Users\Home\Documents\Wolfattackrecords.psd
[2013/04/01 15:29:19 | 001,275,737 | ---- | C] () -- C:\Users\Home\Desktop\839B5198-962A-448A-A7E4-BCCCE28103B9.jpg
[2013/03/29 11:43:55 | 006,488,710 | ---- | C] () -- C:\Users\Home\Desktop\Synchronize 2.mp3
[2013/03/28 12:00:06 | 000,356,680 | ---- | C] () -- C:\Users\Home\Desktop\bassstorm.png
[2013/03/28 12:00:01 | 003,059,727 | ---- | C] () -- C:\Users\Home\Desktop\bassstorm.psd
[2013/03/28 11:51:32 | 006,488,710 | ---- | C] () -- C:\Users\Home\Desktop\Synchronize.mp3
[2013/03/25 00:49:01 | 000,000,065 | ---- | C] () -- C:\Users\Home\Desktop\config.ini
[2013/03/25 00:43:03 | 000,379,655 | ---- | C] () -- C:\Users\Home\Desktop\beard.exe
[2013/03/23 23:54:00 | 000,073,020 | ---- | C] () -- C:\Users\Home\Desktop\ANIME.psd
[2013/03/22 21:57:00 | 003,132,550 | ---- | C] () -- C:\Users\Home\Desktop\TradgiK & SOTW 2013 DnB Mix.mp3
[2013/03/22 00:27:14 | 000,014,914 | ---- | C] () -- C:\Users\Home\Desktop\derp.php
[2013/03/22 00:09:48 | 002,735,553 | ---- | C] () -- C:\Users\Home\Desktop\Chiefkeef.psd
[2013/03/22 00:05:09 | 000,101,416 | ---- | C] () -- C:\Users\Home\Desktop\MyriadPro-SemiboldIt.otf
[2013/03/21 15:10:34 | 000,024,779 | ---- | C] () -- C:\Users\Home\Documents\IMG_21032013_151205.png
[2013/03/21 02:59:31 | 000,059,125 | ---- | C] () -- C:\Users\Home\Documents\asian.jpg
[2013/03/20 21:34:38 | 000,000,983 | ---- | C] () -- C:\Users\Home\Desktop\VPNium.lnk
[2013/03/16 01:45:14 | 000,000,955 | ---- | C] () -- C:\Users\Home\Desktop\LOVE.lnk
[2013/03/15 04:57:27 | 000,001,885 | ---- | C] () -- C:\Users\Home\Desktop\Process Hacker 2.lnk
[2013/03/15 04:20:39 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\DarkComet Remover.lnk
[2013/03/14 22:09:35 | 000,001,833 | ---- | C] () -- C:\Users\Home\Desktop\XChat.lnk
[2013/03/13 22:54:54 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\Super Hide IP.lnk
[2013/03/13 22:23:40 | 000,001,061 | ---- | C] () -- C:\Users\Home\Desktop\join.me.lnk
[2013/03/10 03:44:40 | 000,000,000 | ---- | C] () -- C:\Users\Home\Documents\ts3_clientui-win32-1351504843-2013-03-10 03_44_40.133000.dmp
[2013/03/09 01:56:11 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Massive.lnk
[2013/03/09 01:55:08 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Service Center.lnk
[2013/03/03 22:54:47 | 000,207,766 | ---- | C] () -- C:\Users\Home\AppData\Local\debuggee.mdmp
[2013/02/21 20:30:47 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012/12/21 17:30:03 | 000,000,041 | ---- | C] () -- C:\Users\Home\matrix_cl_zenith_LIVE.dat
[2012/12/19 23:18:12 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/12/14 19:04:17 | 000,000,000 | ---- | C] () -- C:\Users\Home\Paradox_runescape_preferences.dat
[2012/12/09 23:49:52 | 000,581,642 | ---- | C] () -- C:\Users\Home\AppData\Roaming\technic-launcher.jar
[2012/11/30 18:20:02 | 000,000,631 | ---- | C] () -- C:\Users\Home\openvpn-connect.json
[2012/11/25 23:05:34 | 000,000,043 | ---- | C] () -- C:\Users\Home\jagex_cl_runescape_LIVE.dat
[2012/11/17 14:07:16 | 000,000,113 | ---- | C] () -- C:\Windows\SysWow64\SVG Drawer.ini
[2012/10/16 21:57:20 | 000,000,045 | ---- | C] () -- C:\Users\Home\jagex_cl_loginapplet_LIVE.dat
[2012/10/16 21:57:20 | 000,000,001 | ---- | C] () -- C:\Users\Home\random.dat
[2012/10/11 16:00:28 | 000,000,000 | ---- | C] () -- C:\Users\Home\jagex__preferences3.dat
[2012/10/11 16:00:25 | 000,000,099 | ---- | C] () -- C:\Users\Home\jagex_Runescape_preferences2.dat
[2012/10/11 16:00:08 | 000,000,046 | ---- | C] () -- C:\Users\Home\jagex_Runescape_preferences.dat
[2012/10/03 20:55:01 | 000,000,159 | ---- | C] () -- C:\Users\Home\AppData\Roaming\net.telestream.producer.xml
[2012/09/26 19:41:40 | 000,601,088 | ---- | C] () -- C:\Users\Home\AppData\Roaming\SharedSettings.ccs
[2012/09/26 18:40:19 | 000,000,104 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2012/07/15 00:28:54 | 000,000,171 | ---- | C] () -- C:\Windows\icecast2.ini
[2012/07/10 08:17:29 | 000,002,952 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/07/07 13:08:33 | 000,001,263 | ---- | C] () -- C:\Program Files (x86)\Spybot - Search & Destroy - Shortcut.lnk
[2012/06/17 19:40:44 | 000,001,456 | ---- | C] () -- C:\Users\Home\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/06/17 19:28:35 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012/06/10 05:25:15 | 000,000,132 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/05/10 19:23:04 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\minimp3.exe
[2012/04/22 15:29:52 | 000,000,091 | ---- | C] () -- C:\Users\Home\AppData\Local\NWUserDefault.ini
[2012/04/11 23:34:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2012/04/02 17:04:39 | 000,000,185 | ---- | C] () -- C:\Windows\mdm.ini
[2012/04/02 17:04:33 | 000,000,760 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/04/02 17:04:33 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/04/02 15:52:33 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2012/03/25 10:24:56 | 000,005,890 | ---- | C] () -- C:\Windows\wininit.ini
[2012/03/11 12:44:08 | 000,006,656 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/11 11:59:45 | 000,000,600 | ---- | C] () -- C:\Users\Home\AppData\Local\PUTTY.RND
[2012/03/07 20:37:13 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/03/06 23:22:22 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/03/06 23:22:21 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/03/06 23:22:21 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/03/06 16:59:24 | 000,077,517 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012/01/31 22:38:05 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys
[2012/01/30 21:26:09 | 000,001,806 | ---- | C] () -- C:\Windows\TSearch.INI
[2012/01/03 22:04:06 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012/01/01 11:57:51 | 000,000,000 | ---- | C] () -- C:\Users\Home\AppData\Local\{C906B360-2338-4A7F-BBF7-13DE2F40B573}
[2011/12/29 17:58:09 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2011/10/14 21:32:55 | 000,221,179 | ---- | C] () -- C:\Users\Home\AppData\Roaming\UserTile.png
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/08/09 19:47:29 | 000,012,794 | --S- | C] () -- C:\Users\Home\AppData\Local\4kevyrk2a6v3ct6no2nj87x5vb840rrg23v3b5q10dw6tw
[2011/08/09 19:47:29 | 000,012,794 | --S- | C] () -- C:\ProgramData\4kevyrk2a6v3ct6no2nj87x5vb840rrg23v3b5q10dw6tw
[2011/06/29 19:03:02 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/06/09 11:31:57 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/05/18 21:29:50 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/04/30 21:54:10 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2010/03/21 14:29:48 | 000,007,602 | ---- | C] () -- C:\Users\Home\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:AFC66739
< End of report >
#20
Posted 04 April 2013 - 12:57 AM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
Hello Asentrik
We need to reset Chrome back to defaults to completely clear out what is going on.
We can keep the bookmarks by exporting them - Export Bookmarks
Then I need you to go Google Sync and sign into your account
scroll down untill you see the "Stop and Clear" button and click on button
At the prompt click on "Ok"
Now we need to uninstall chrome
I want you to uninstall Chrome and if asked about user data or settings then remove this also
restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.
Run OTL Script
Let me know How things are doing
Gringo
We need to reset Chrome back to defaults to completely clear out what is going on.
We can keep the bookmarks by exporting them - Export Bookmarks
Then I need you to go Google Sync and sign into your account
scroll down untill you see the "Stop and Clear" button and click on button
At the prompt click on "Ok"
Now we need to uninstall chrome
I want you to uninstall Chrome and if asked about user data or settings then remove this also
restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.
Run OTL Script
- Double-click OTL.exe to start the program.
- Copy and Paste the following code into the
text box.
:OTL IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1001\..\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}: "URL" = http://ib.startnow.c...eferrer:source} <http://ib.startnow.com/s/?q={searchTerms}&src=defsearch&provider=bing&provider_name=bing&provider_code=Z057&partner_id=333&product_id=706&affiliate_id=&channel=DPGL16&toolbar_id=200&toolbar_version=2.1.0&install_country=US&install_date=20110712&user_guid=47C88A11E3D84E31816397EC26FC2526&machine_id=e52128e3c8a65da48ccda2b575bac9b1&browser=IE&os=win&os_version=6.1-x64-SP0&iesrc={referrer:source}> IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}: "URL" = http://ib.startnow.c...eferrer:source} <http://ib.startnow.com/s/?q={searchTerms}&src=defsearch&provider=bing&provider_name=bing&provider_code=Z057&partner_id=333&product_id=706&affiliate_id=&channel=DPGL16&toolbar_id=200&toolbar_version=2.1.0&install_country=US&install_date=20110712&user_guid=47C88A11E3D84E31816397EC26FC2526&machine_id=e52128e3c8a65da48ccda2b575bac9b1&browser=IE&os=win&os_version=6.1-x64-SP0&iesrc={referrer:source}> IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{83B5DC4E-8B4C-4CD3-A48A-5FD9F95CC34F}: "URL" = http://websearch.ask...4A-971987119EA4 <http://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=kw&q={searchTerms}&locale=&apn_ptnrs=FM&apn_dtid=TES002YYUS&apn_uid=06fac2db-db64-4fbe-a8b4-6281007b9249&apn_sauid=BFB80FBF-38D6-41C3-B44A-971987119EA4> IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms} <http://dts.search-results.com/sr?src=ieb&appid=100&systemid=406&q={searchTerms}> IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox...id=80677&lng=en <http://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80677&lng=en> IE - HKU\S-1-5-21-3394970204-3036101845-2700764691-1013\..\SearchScopes\{C138E836-7A11-45FB-BFBC-6E8DA804570A}: "URL" = http://ws.infospace....r?_iceUrl=true <http://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true&> user_id=%userid&tool_id=60231&qkw={searchTerms} [2011/01/31 22:27:59 | 000,000,000 | ---D | M] (XfireXO) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} [2012/09/26 18:40:19 | 000,000,104 | -HS- | C] () -- C:\Windows\WSYS049.SYS :Files ipconfig /flushdns /c :Commands [PURITY] [emptyjava] [EMPTYFLASH] [reboot] - Then click the Run Fix button at the top.
- Click
. - OTL may ask to reboot the machine. Please do so if asked.
- The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.
Note** if the report does not popup after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles
It will be named - mmddyyyy_hhmmss.log
Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.
Let me know How things are doing
Gringo
#21
Posted 04 April 2013 - 02:00 AM
Asentrik
- Topic Starter
-
- Member
-
- 19 posts
Member
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4260182C-53DC-5177-430F-D0D732B41839}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4260182C-53DC-5177-430F-D0D732B41839}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{83B5DC4E-8B4C-4CD3-A48A-5FD9F95CC34F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83B5DC4E-8B4C-4CD3-A48A-5FD9F95CC34F}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{C138E836-7A11-45FB-BFBC-6E8DA804570A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C138E836-7A11-45FB-BFBC-6E8DA804570A}\ not found.
C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\META-INF folder moved successfully.
C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} folder moved successfully.
C:\Windows\WSYS049.SYS moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Home\Desktop\cmd.bat deleted successfully.
C:\Users\Home\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: derangedpksource
User: Home
->Java cache emptied: 0 bytes
User: Home.file_store_32
User: Public
User: Splaph-PC
->Java cache emptied: 393379 bytes
User: UpdatusUser
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 57616 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: derangedpksource
User: Home
->Flash cache emptied: 58144 bytes
User: Home.file_store_32
User: Public
User: Splaph-PC
->Flash cache emptied: 506 bytes
User: UpdatusUser
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04042013_024047
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4260182C-53DC-5177-430F-D0D732B41839}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{4260182C-53DC-5177-430F-D0D732B41839}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4260182C-53DC-5177-430F-D0D732B41839}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{83B5DC4E-8B4C-4CD3-A48A-5FD9F95CC34F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83B5DC4E-8B4C-4CD3-A48A-5FD9F95CC34F}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C04B7D22-5AEC-4561-8F49-27F6269208F6}\ not found.
Registry key HKEY_USERS\S-1-5-21-3394970204-3036101845-2700764691-1013\Software\Microsoft\Internet Explorer\SearchScopes\{C138E836-7A11-45FB-BFBC-6E8DA804570A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C138E836-7A11-45FB-BFBC-6E8DA804570A}\ not found.
C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\META-INF folder moved successfully.
C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} folder moved successfully.
C:\Windows\WSYS049.SYS moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Home\Desktop\cmd.bat deleted successfully.
C:\Users\Home\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: derangedpksource
User: Home
->Java cache emptied: 0 bytes
User: Home.file_store_32
User: Public
User: Splaph-PC
->Java cache emptied: 393379 bytes
User: UpdatusUser
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 57616 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: derangedpksource
User: Home
->Flash cache emptied: 58144 bytes
User: Home.file_store_32
User: Public
User: Splaph-PC
->Flash cache emptied: 506 bytes
User: UpdatusUser
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04042013_024047
#22
Posted 04 April 2013 - 02:04 AM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
How are things doing now?
#23
Posted 04 April 2013 - 02:03 PM
Asentrik
- Topic Starter
-
- Member
-
- 19 posts
Member
Things are doing A LOT better. When I start google it doesnt give me the Privitize Search thing. I just hope im not connected through some sort of proxy on their end. But yes, thank you gringo. Thanks for helping me fix my computer. I will send you 50 bucks to your paypal when I get the chance.
#24
Posted 04 April 2013 - 02:11 PM
Asentrik
- Topic Starter
-
- Member
-
- 19 posts
Member
Each time I try to search something on google up it comes up with this.
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.
See Google Help for more information.
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.
See Google Help for more information.
#25
Posted 04 April 2013 - 07:45 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
this is still happening in chrome or which browser - does it happen in all browsers
gringo
gringo
#26
Posted 06 April 2013 - 11:23 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
Greetings
I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.
Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools
Gringo
I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.
Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools
Gringo
#27
Posted 10 April 2013 - 11:54 AM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
Hello
48 Hour bump
It has been more than 48 hours since my last post.
Gringo
48 Hour bump
It has been more than 48 hours since my last post.
- do you still need help with this?
- do you need more time?
- are you having problems following my instructions?
- if after 48hrs you have not replied to this thread then it will have to be closed!
Gringo
#28
Posted 14 April 2013 - 08:17 PM
gringo_pr
-
- Malware Removal
-
- 7,268 posts
Trusted Helper
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
