Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-09-2013
Ran by Jeff (administrator) on JEFF-PC on 04-09-2013 17:33:25
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\cmd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Steam] - D:\Program Files (x86)\Steam\steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Media Finder] - "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray [x]
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-10-18] (Google Inc.)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Jeff\AppData\Roaming\cache.dat [94208 2013-07-09] () <==== ATTENTION
MountPoints2: {34e51300-daa9-11df-a1c8-806e6f6e6963} - E:\setup.exe
MountPoints2: {4fe1d4fa-e73f-11e1-84ff-001fd05adeef} - F:\setup.exe -a
MountPoints2: {ef98c9d9-85a5-11e0-9fdb-001fd05adeef} - F:\LaunchU3.exe -a
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-25] (Ask)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [296056 2012-06-13] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-552 revA\wirelesscm.exe (D-Link Corp.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
URLSearchHook: (No Name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - No File
URLSearchHook: (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2304157
SearchScopes: HKCU - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.condui...&ctid=CT2304157
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylo...000002191063547
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2304157
SearchScopes: HKCU - {BF5CDBD7-EC78-41F8-A1B1-01829572104D} URL = http://us.yhs4.searc...p={searchTerms}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: MyTools Class - {C3A44133-7EAD-434C-AC9E-7F1DA176BA8C} - C:\Program Files (x86)\MyTools\MyTools.dll (MyTools)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: WeCareReminder Class - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
Toolbar: HKCU - No Name - {00000000-0000-0000-0000-000000000000} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\system32\Sendori.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\system32\Sendori.dll File Not found ()
Winsock: Catalog9 03 C:\Windows\system32\Sendori.dll File Not found ()
Winsock: Catalog9 04 C:\Windows\system32\Sendori.dll File Not found ()
Winsock: Catalog9 15 C:\Windows\system32\Sendori.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: General Crawler - C:\Users\Jeff\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (Google Docs) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (MyTools extension) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkbppmdgdfccoihhajoeflficbpgcnm\1.0_0
CHR Extension: (Google Search) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (TheBflix) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjakmojkcnhgipgkkbiempkfdndcnlah\5.0_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (General Crawler) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0
CHR Extension: (Skype Click to Call) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Shop With Purpose) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.21_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - C:\Users\Jeff\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx
CHR HKLM-x32\...\Chrome\Extension: [cnkbppmdgdfccoihhajoeflficbpgcnm] - C:\Program Files (x86)\MyTools\MyTools.crx
CHR HKLM-x32\...\Chrome\Extension: [hjakmojkcnhgipgkkbiempkfdndcnlah] - C:\ProgramData\TheBflix\hjakmojkcnhgipgkkbiempkfdndcnlah.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM-x32\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - C:\Users\Jeff\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [lkpmjnommfoljgjbckjmjhkmnhfmcmon] - C:\ProgramData\WeCareReminder\\wecarereminderro.crx
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Jeff\AppData\Local\Temp\YontooLayers.crx
==================== Services (Whitelisted) =================
S2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)
S2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
S3 jswpsapi; C:\Program Files (x86)\D-Link\DWA-552 revA\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-03] ()
S2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)
S2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori)
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{8ce9e14c-79df-1736-3b31-e274407d39cf}\ \...\???\{8ce9e14c-79df-1736-3b31-e274407d39cf}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
==================== Drivers (Whitelisted) ====================
S3 gdrv; C:\Windows\gdrv.sys [20544 2010-10-18] (Windows ® Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [20544 2010-10-18] (Windows ® Server 2003 DDK provider)
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 usbbus; system32\DRIVERS\lgx64bus.sys [x]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [x]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-29 06:22 - 2013-08-30 16:57 - 00000004 _____ C:\Users\Jeff\AppData\Roaming\cache.ini
2013-08-29 02:33 - 2013-08-30 16:55 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Jeff.job
2013-08-29 02:33 - 2013-08-29 19:50 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Jeff.job
2013-08-29 02:33 - 2013-08-29 19:50 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Jeff.job
2013-08-29 02:33 - 2013-08-29 02:33 - 00003606 _____ C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Jeff
2013-08-29 02:33 - 2013-08-29 02:33 - 00002952 _____ C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Jeff
2013-08-29 02:33 - 2013-08-29 02:33 - 00002948 _____ C:\Windows\System32\Tasks\ReclaimerUpdateXML_Jeff
2013-08-29 02:33 - 2013-08-29 02:33 - 00002656 _____ C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Jeff
2013-08-14 03:06 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 03:06 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 03:06 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 03:06 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 03:06 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 03:06 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 03:06 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 03:06 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 03:06 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 03:06 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 03:06 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 03:06 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 03:06 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 03:06 - 2013-07-25 23:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 03:06 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 03:06 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 03:06 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 03:06 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 03:06 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 03:06 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 03:06 - 2013-07-25 22:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 03:06 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 03:00 - 2013-08-14 03:02 - 00000000 ____D C:\Windows\system32\MRT
2013-08-13 22:42 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-13 22:42 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-13 22:42 - 2013-07-18 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 22:42 - 2013-07-18 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-13 22:42 - 2013-07-09 02:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-13 22:42 - 2013-07-09 01:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-13 22:42 - 2013-07-09 01:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-13 22:42 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-13 22:42 - 2013-07-09 01:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-13 22:42 - 2013-07-09 01:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-13 22:42 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-13 22:42 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-13 22:42 - 2013-07-09 01:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-13 22:42 - 2013-07-09 01:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-13 22:42 - 2013-07-09 00:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-13 22:42 - 2013-07-09 00:53 - 00094208 _____ C:\Users\Jeff\AppData\Roaming\cache.dat
2013-08-13 22:42 - 2013-07-09 00:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-13 22:42 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-13 22:42 - 2013-07-09 00:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-13 22:42 - 2013-07-09 00:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-13 22:42 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-13 22:42 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-13 22:42 - 2013-07-08 22:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-13 22:42 - 2013-07-08 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-13 22:42 - 2013-07-08 22:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-13 22:42 - 2013-07-08 22:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-13 22:42 - 2013-07-06 02:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-13 22:42 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 22:42 - 2012-11-30 01:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-13 22:42 - 2012-11-30 01:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-13 22:42 - 2012-11-30 01:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-13 22:42 - 2012-11-30 01:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-13 22:42 - 2012-11-30 01:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 01:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-13 22:42 - 2012-11-30 00:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-13 22:42 - 2012-11-30 00:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-13 22:42 - 2012-11-29 23:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-13 22:42 - 2012-11-29 22:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-13 22:42 - 2012-11-29 22:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-13 22:42 - 2012-11-29 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-13 22:42 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
==================== One Month Modified Files and Folders =======
2013-09-04 17:33 - 2013-09-04 17:33 - 00000000 ____D C:\FRST
2013-08-30 17:18 - 2010-10-18 13:43 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-30 17:18 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-30 17:18 - 2009-07-14 00:51 - 00053952 _____ C:\Windows\setupact.log
2013-08-30 16:57 - 2013-08-29 06:22 - 00000004 _____ C:\Users\Jeff\AppData\Roaming\cache.ini
2013-08-30 16:57 - 2010-10-18 04:22 - 02079092 _____ C:\Windows\WindowsUpdate.log
2013-08-30 16:57 - 2009-07-14 00:45 - 00010320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-30 16:57 - 2009-07-14 00:45 - 00010320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-30 16:55 - 2013-08-29 02:33 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Jeff.job
2013-08-30 16:55 - 2010-10-18 13:50 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-30 16:40 - 2010-10-18 13:50 - 00000000 ____D C:\Users\Jeff\AppData\Local\Google
2013-08-30 16:35 - 2009-07-14 01:13 - 00779116 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-30 16:21 - 2010-10-18 13:50 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-29 19:54 - 2012-03-07 14:39 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Skype
2013-08-29 19:50 - 2013-08-29 02:33 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Jeff.job
2013-08-29 19:50 - 2013-08-29 02:33 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Jeff.job
2013-08-29 18:50 - 2012-04-11 12:51 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-29 06:26 - 2013-02-13 13:58 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-29 06:17 - 2012-11-09 03:34 - 00000000 ____D C:\ProgramData\Sendori
2013-08-29 06:17 - 2010-10-18 13:49 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-29 02:33 - 2013-08-29 02:33 - 00003606 _____ C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Jeff
2013-08-29 02:33 - 2013-08-29 02:33 - 00002952 _____ C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Jeff
2013-08-29 02:33 - 2013-08-29 02:33 - 00002948 _____ C:\Windows\System32\Tasks\ReclaimerUpdateXML_Jeff
2013-08-29 02:33 - 2013-08-29 02:33 - 00002656 _____ C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Jeff
2013-08-28 17:43 - 2012-11-09 03:34 - 00000000 ____D C:\Program Files (x86)\Sendori
2013-08-14 03:54 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 03:17 - 2012-04-11 12:51 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-14 03:17 - 2012-04-11 12:51 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-14 03:17 - 2011-05-23 21:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-14 03:17 - 2010-10-18 15:24 - 00000000 ____D C:\Users\Jeff\AppData\Local\Adobe
2013-08-14 03:02 - 2013-08-14 03:00 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 03:00 - 2010-10-18 15:40 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 16:48 - 2009-07-14 01:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-12 11:25 - 2011-09-27 12:42 - 00000000 ____D C:\Users\Jeff\AppData\Roaming\Origin
2013-08-12 11:25 - 2011-09-27 12:42 - 00000000 ____D C:\Users\Jeff\AppData\Local\Origin
Files to move or delete:
====================
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install\{8ce9e14c-79df-1736-3b31-e274407d39cf}
C:\Users\Jeff\AppData\Roaming\cache.dat
C:\Users\Jeff\AppData\Roaming\cache.ini
C:\Users\Jeff\AppData\Local\Temp\7za.exe
C:\Users\Jeff\AppData\Local\Temp\AskSLib.dll
C:\Users\Jeff\AppData\Local\Temp\babylon.exe
C:\Users\Jeff\AppData\Local\Temp\BestVideoDownloaderSetup-Silent.exe
C:\Users\Jeff\AppData\Local\Temp\contentDATs.exe
C:\Users\Jeff\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Jeff\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Jeff\AppData\Local\Temp\ffunzip.exe
C:\Users\Jeff\AppData\Local\Temp\htmlayout.dll
C:\Users\Jeff\AppData\Local\Temp\installerdll-114861788.dll
C:\Users\Jeff\AppData\Local\Temp\installerdll-114874798.dll
C:\Users\Jeff\AppData\Local\Temp\installerdll.dll
C:\Users\Jeff\AppData\Local\Temp\installerdll1031875134.dll
C:\Users\Jeff\AppData\Local\Temp\installerdll1031889704.dll
C:\Users\Jeff\AppData\Local\Temp\installerdll1032013241.dll
C:\Users\Jeff\AppData\Local\Temp\installerdll466804365.dll
C:\Users\Jeff\AppData\Local\Temp\installerdll466807844.dll
C:\Users\Jeff\AppData\Local\Temp\installerdll466817173.dll
C:\Users\Jeff\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Jeff\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Jeff\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Jeff\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Jeff\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Jeff\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Jeff\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jeff\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Jeff\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Jeff\AppData\Local\Temp\lowproc.exe
C:\Users\Jeff\AppData\Local\Temp\Medal of Honor_uninst.exe
C:\Users\Jeff\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Jeff\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Jeff\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Jeff\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Jeff\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Jeff\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Jeff\AppData\Local\Temp\nvStInst.exe
C:\Users\Jeff\AppData\Local\Temp\OriginLauncher466804365.exe
C:\Users\Jeff\AppData\Local\Temp\prxGLF3B42.tmp.tbVuze.dll
C:\Users\Jeff\AppData\Local\Temp\rootsupd.exe
C:\Users\Jeff\AppData\Local\Temp\Setup.exe
C:\Users\Jeff\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jeff\AppData\Local\Temp\sonarinst.exe
C:\Users\Jeff\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Jeff\AppData\Local\Temp\stubhelper.dll
C:\Users\Jeff\AppData\Local\Temp\tbVuze.dll
C:\Users\Jeff\AppData\Local\Temp\TB_3368.exe
C:\Users\Jeff\AppData\Local\Temp\Uninstaller-5248.exe
C:\Users\Jeff\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Jeff\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Jeff\AppData\Local\Temp\vzf-5270425295302617493.dll
C:\Users\Jeff\AppData\Local\Temp\vzf-9155066908513026826.dll
C:\Users\Jeff\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Jeff\AppData\Local\Temp\YontooIEClient.dll
C:\Users\Jeff\AppData\Local\Temp\YontooSetup-Silent.exe
C:\Users\Jeff\AppData\Local\Temp\~rnsetup\GEMSETUP\pnrs3260.dll
C:\Users\Jeff\AppData\Local\Temp\{F1B6C551-C87B-4821-B452-6997CAE3DD6F}\{6F6F39E3-D24D-4EEE-9AEA-DEDAF991385D}\InstallHelper.dll
C:\Users\Jeff\AppData\Local\Temp\SOERedist\DSETUP.dll
C:\Users\Jeff\AppData\Local\Temp\SOERedist\dsetup32.dll
C:\Users\Jeff\AppData\Local\Temp\SOERedist\DXSETUP.exe
C:\Users\Jeff\AppData\Local\Temp\SOERedist\dxwebsetup.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA723847245\GPU_Reader.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA1077266571\GPU_Reader.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA-849711486\GPU_Reader.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA-1620166804\GPU_Reader.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\setup.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NvVAD\nvaudcap32v.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NvVAD\nvaudcap64v.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NvVAD\nvgenco32.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NvVAD\nvgenco64.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\NVI2.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\NVI2UI.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\NVPrxy32.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\NVPrxy64.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\ReleaseHighlights.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\MS.NET\dotNetFx40_Full_setup.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\MS.NET\MSNetExt.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\clrzmq.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\detoured.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\libzmq.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\nvFBC.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\nvsteamsupport.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\protobuf-net.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\rxinput.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\steam_api.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\detoured.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\libzmq.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\nvFBC.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\nvsteamsupport.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\rxinput.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\steam_api64.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\7z.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\DisplayCplExt.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ExtensionLoader.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GalaSoft.MvvmLight.Extras.WPF4.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GalaSoft.MvvmLight.WPF4.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GFExperience.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GFExperienceControls.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GFExperienceCore.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GFExperienceExt.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GridService.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\InstallerService.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\InstallerUIExtension.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\log4net.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\Microsoft.Practices.ServiceLocation.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\Microsoft.WindowsAPICodePack.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\Microsoft.WindowsAPICodePack.Shell.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\NVIDIA.Settings.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\NVIDIA.Settings.Properties.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\NVIDIA.UpdateService.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\NVIDIA.Win32Api.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\nvtmru.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\oaremote_plugin.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ShadowPlay.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Core.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Interfaces.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Linq.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.PlatformServices.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Providers.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Runtime.Remoting.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Windows.Threading.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Windows.Interactivity.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\zh-CHT\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\zh-CHS\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\tr-TR\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\th-TH\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\sv-SE\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\sl-SI\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\sk-SK\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ru-RU\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\pt-PT\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\pt-BR\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\pl-PL\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\nl-NL\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\nb-NO\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ko-KR\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ja-JP\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\it-IT\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\hu-HU\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\he-IL\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\fr-FR\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\fi-FI\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\es-MX\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\es-ES\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\en-US\GFExperience.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\en-US\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\en-GB\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\el-GR\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\de-DE\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\da-DK\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\cs-CZ\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ar-AE\GFExperienceControls.resources.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\ComUpdatus.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\daemonu.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\easyDaemonAPIU32.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\easyDaemonAPIU64.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdt32.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdt64.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtr32.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtr64.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtrXP32.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtrXP64.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtXP32.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtXP64.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\UpdateExt.dll
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\WLMerger.exe
C:\Users\Jeff\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Optimus\OptimusExt.dll
C:\Users\Jeff\AppData\Local\Temp\mtka_tmp\dsspacker_launcher.exe
C:\Users\Jeff\AppData\Local\Temp\MozUpdater-2\updater.exe
C:\Users\Jeff\AppData\Local\Temp\MozUpdater-1\updater.exe
C:\Users\Jeff\AppData\Local\Temp\MozUpdater\updater.exe
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll
C:\Users\Jeff\AppData\Local\Temp\lu\1_spp_setpointp.exe
C:\Users\Jeff\AppData\Local\Temp\lu\2_spp_1000083.exe
C:\Users\Jeff\AppData\Local\Temp\ispF987.tmp\_Setup.dll
C:\Users\Jeff\AppData\Local\Temp\is-NHTAT.tmp\MF_setup.exe
C:\Users\Jeff\AppData\Local\Temp\fla920B.tmp\gamefly_update_1.2.364.exe
C:\Users\Jeff\AppData\Local\Temp\E8AA1C18-BAB0-7891-ADE7-42702EFD1E9F\BabylonTBUpdater.dll
C:\Users\Jeff\AppData\Local\Temp\E8AA1C18-BAB0-7891-ADE7-42702EFD1E9F\BabylonTBUpdater.exe
C:\Users\Jeff\AppData\Local\Temp\E8AA1C18-BAB0-7891-ADE7-42702EFD1E9F\MyBabylonTB.exe
C:\Users\Jeff\AppData\Local\Temp\E8AA1C18-BAB0-7891-ADE7-42702EFD1E9F\Setup.exe
C:\Users\Jeff\AppData\Local\Temp\E8AA1C18-BAB0-7891-ADE7-42702EFD1E9F\sqlite3.dll
C:\Users\Jeff\AppData\Local\Temp\e4j17E5.tmp_dir31338\i4jdel.exe
C:\Users\Jeff\AppData\Local\Temp\e4j12A5.tmp_dir6833\i4jdel.exe
C:\Users\Jeff\AppData\Local\Temp\E27C.dir\InstallFlashPlayer.exe
C:\Users\Jeff\AppData\Local\Temp\ct2504091\components\RadioWMPCoreGecko19.dll
C:\Users\Jeff\AppData\Local\Temp\ct2504091\components\RadioWMPCoreGecko5.dll
C:\Users\Jeff\AppData\Local\Temp\ct2504091\components\RadioWMPCoreGecko6.dll
C:\Users\Jeff\AppData\Local\Temp\ct2504091\components\RadioWMPCoreGecko7.dll
C:\Users\Jeff\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll
C:\Users\Jeff\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.1\GPU_Reader.dll
C:\Users\Jeff\AppData\Local\Temp\CFAA.dir\InstallFlashPlayer.exe
C:\Users\Jeff\AppData\Local\Temp\BF2A.dir\InstallFlashPlayer.exe
C:\Users\Jeff\AppData\Local\Temp\Addons\9B107AAC\bflix_extension.exe
C:\Users\Jeff\AppData\Local\Temp\Addons\9B107AAC\mytools.exe
C:\Users\Jeff\AppData\Local\Temp\Addons\9B107AAC\mytools_extension.exe
C:\Users\Jeff\AppData\Local\Temp\875.dir\InstallFlashPlayer.exe
C:\Users\Jeff\AppData\Local\Temp\1323.dir\InstallFlashPlayer.exe
C:\Users\Jeff\AppData\Local\Temp\._msigeplugin61\GoogleEarth.exe
C:\Users\Jeff\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\earthps.dll
C:\Users\Jeff\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\geplugin.exe
C:\Users\Jeff\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\ge_expat.dll
C:\Users\Jeff\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\googleearth_free.dll
C:\Users\Jeff\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\msvcp100.dll
C:\Users\Jeff\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\msvcr100.dll
C:\Users\Jeff\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\npgeplugin.dll
C:\Users\Jeff\AppData\Local\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\plugin_ax.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
LastRegBack: 2013-08-22 00:44
==================== End Of Log ============================