Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


lb.adnxs.com


Post by Will Reed » September 20th, 2012, 10:56 pm

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Will Reed-Green Clea at 20:53:16 on 2012-09-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16333.10881 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Users\Will Reed-Green Clea\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\VIA_XHCI\usb3Monitor.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
D:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Thermaltake\Tt eSPORTS BLACK Element\BlackElement.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\ytbb.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskhost.exe
D:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
D:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.optionshouse.com/
mStart Page = hxxp://start.funmoods.com/?f=1&a=adknlg ... 1509737446
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: FCToolbarURLSearchHook Class: {c111c814-fd58-0a04-3924-998b53830e29} - C:\Program Files (x86)\Shop to Win 29\Helper.dll
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Qwiklinx: {3e7c8b5a-96ab-438f-bf9b-782400655440} - C:\Users\Will Reed-Green Clea\AppData\Roaming\Qwiklinx\Qwiklinx.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Shop to Win: {5abd6c72-ffd7-b634-a92b-d77d5960e009} - C:\Program Files (x86)\Shop to Win 29\Shop to Win 29.dll
BHO: Funmoods Helper Object: {75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll
BHO: DefaultTab Browser Helper: {7f6afbf1-e065-4627-a2fd-810366367d01} - C:\Users\Will Reed-Green Clea\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
TB: Funmoods Toolbar: {a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Steam] "D:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Tt eSPORTS BLACK Element Gaming Mouse] "C:\Program Files (x86)\Thermaltake\Tt eSPORTS BLACK Element\BlackElement.exe" /Automation
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/s ... wflash.cab
TCP: DhcpNameServer = 69.145.248.4 69.146.17.2 69.144.49.29
TCP: Interfaces\{8EFC7F4F-768D-462E-A7E2-09C2EF707DF2} : DhcpNameServer = 69.145.248.4 69.146.17.2 69.144.49.29
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll
BHO-X64: PriceGong - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Qwiklinx: {3E7C8B5A-96AB-438F-BF9B-782400655440} - C:\Users\Will Reed-Green Clea\AppData\Roaming\Qwiklinx\Qwiklinx.dll
BHO-X64: Qwiklinx - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Shop to Win: {5ABD6C72-FFD7-B634-A92B-D77D5960E009} - C:\Program Files (x86)\Shop to Win 29\Shop to Win 29.dll
BHO-X64: FCTBPos00Pos - No File
BHO-X64: Funmoods Helper Object: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll
BHO-X64: Funmoods Helper Object - No File
BHO-X64: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Will Reed-Green Clea\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO-X64: DefaultTabBHO - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
BHO-X64: Searchqu Toolbar - No File
BHO-X64: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: Funmoods Toolbar: {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun-x64: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Tt eSPORTS BLACK Element Gaming Mouse] "C:\Program Files (x86)\Thermaltake\Tt eSPORTS BLACK Element\BlackElement.exe" /Automation
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce-x64: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
AppInit_DLLs-X64: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://us.mg6.mail.yahoo.com/neo/launch ... ebook.com/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... 06&sr=0&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: D:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=adknlg ... 1509737446
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=adknlg ... 1509737446
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=adknlg ... 9737446&q=
FF - user.js: extensions.funmoods.id - 902B345231CC5951
FF - user.js: extensions.funmoods.instlDay - 15596
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.229:19:47
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - adknlg
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - adknlg
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\DRIVERS\iusb3hcs.sys --> C:\Windows\system32\DRIVERS\iusb3hcs.sys [?]
R0 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]
R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 RapportCerberus_42020;RapportCerberus_42020;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_42020.sys [2012-9-19 397720]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-9-7 55096]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-9-7 297240]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-9-14 44808]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Will Reed-Green Clea\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2012-9-13 107520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-9-12 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-9-12 161560]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-9-7 976728]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-9-13 1153368]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-9-12 363800]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-9-12 160256]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys --> C:\Windows\system32\DRIVERS\iusb3hub.sys [?]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys --> C:\Windows\system32\DRIVERS\iusb3xhc.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Thermnaltake MS2 Filter;Thermnaltake MS2 Filter;C:\Windows\System32\drivers\MS2Filter.sys [2012-9-12 31360]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\Windows\system32\DRIVERS\ViaHub3.sys --> C:\Windows\system32\DRIVERS\ViaHub3.sys [?]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\Windows\system32\DRIVERS\xhcdrv.sys --> C:\Windows\system32\DRIVERS\xhcdrv.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-9-14 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-9-12 250568]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-9-14 136176]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-9-12 30528]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-9-12 113120]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-09-20 03:31:20 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-09-19 18:21:06 -------- d-----w- C:\Windows\PCHEALTH
2012-09-19 18:19:53 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-09-19 18:19:36 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Local\Microsoft Help
2012-09-19 13:26:53 101688 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2012-09-19 13:26:48 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Local\Trusteer
2012-09-19 13:26:47 -------- d-----w- C:\Program Files (x86)\Trusteer
2012-09-19 13:26:19 -------- d-----w- C:\ProgramData\Trusteer
2012-09-18 13:21:02 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E43D1389-44AB-4944-8889-011B21C70C80}\mpengine.dll
2012-09-17 21:00:57 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Local\Ilivid Player
2012-09-15 21:58:18 -------- d-----w- C:\ProgramData\Stardock
2012-09-15 21:58:18 -------- d-----w- C:\ProgramData\Ironclad Games
2012-09-14 09:00:17 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-09-14 07:34:34 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-09-14 07:34:34 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-09-14 07:34:34 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-09-14 07:34:27 41224 ----a-w- C:\Windows\avastSS.scr
2012-09-14 07:34:21 -------- d-----w- C:\ProgramData\AVAST Software
2012-09-14 07:34:21 -------- d-----w- C:\Program Files\AVAST Software
2012-09-14 00:20:07 -------- d-----w- C:\ProgramData\boost_interprocess
2012-09-14 00:20:07 -------- d-----w- C:\Program Files (x86)\Searchqu Toolbar
2012-09-13 21:32:08 96768 ----a-w- C:\Windows\System32\fsutil.exe
2012-09-13 21:32:08 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2012-09-13 21:32:08 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2012-09-13 21:32:08 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2012-09-13 21:32:08 2565632 ----a-w- C:\Windows\System32\esent.dll
2012-09-13 21:32:08 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-09-13 21:32:08 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2012-09-13 21:32:08 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2012-09-13 21:32:08 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-09-13 21:32:08 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2012-09-13 21:32:08 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2012-09-13 21:13:14 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2012-09-13 21:13:14 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2012-09-13 21:13:14 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-09-13 21:13:14 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-09-13 21:13:14 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2012-09-13 21:13:14 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2012-09-13 21:13:14 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-09-13 21:12:37 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2012-09-13 18:44:07 -------- d-----w- C:\Program Files (x86)\Yahoo!
2012-09-13 16:11:33 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-09-13 16:11:33 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-09-13 16:02:42 -------- d-----w- C:\Program Files\Enigma Software Group
2012-09-13 16:02:30 -------- d-----w- C:\Windows\8C5C34C7BC6B48318B2C6535FE63E502.TMP
2012-09-13 16:02:29 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-09-13 15:23:01 87040 ----a-w- C:\Windows\System32\pdfcmnnt.dll
2012-09-13 15:23:01 662288 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX
2012-09-13 15:23:01 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX
2012-09-13 15:23:00 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL
2012-09-13 15:23:00 -------- d-----w- C:\Program Files (x86)\PDFCreator
2012-09-13 15:21:58 -------- d-----w- C:\Program Files (x86)\PriceGong
2012-09-13 15:21:43 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Roaming\DefaultTab
2012-09-13 15:20:50 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Roaming\Qwiklinx
2012-09-13 15:20:50 -------- d-----w- C:\Program Files (x86)\Qwiklinx
2012-09-13 15:20:49 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Roaming\Shop to Win 29
2012-09-13 15:20:48 -------- d-----w- C:\Program Files (x86)\Shop to Win 29
2012-09-13 15:19:52 -------- d-----w- C:\Program Files (x86)\OApps
2012-09-13 15:19:49 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Local\Google
2012-09-13 03:40:40 -------- d--h--w- C:\ProgramData\CanonIJSolutionMenu
2012-09-13 03:28:59 -------- d--h--w- C:\ProgramData\CanonIJMyPrinter
2012-09-13 03:28:54 -------- d-----w- C:\ProgramData\CanonIJPLM
2012-09-13 03:27:30 -------- d-----w- C:\Program Files\Canon
2012-09-13 03:26:32 251904 ----a-w- C:\Windows\System32\CNMN6PPM.DLL
2012-09-13 03:26:32 152064 ----a-w- C:\Windows\System32\CNMN6UI.DLL
2012-09-13 03:24:59 92672 ----a-w- C:\Windows\System32\CNC860I.DLL
2012-09-13 03:24:59 299520 ----a-w- C:\Windows\System32\CNC860L.DLL
2012-09-13 03:24:59 235008 ----a-w- C:\Windows\System32\CNC860O.DLL
2012-09-13 03:24:59 17920 ----a-w- C:\Windows\System32\CNHMCA6.DLL
2012-09-13 03:24:59 1342976 ----a-w- C:\Windows\System32\CNC860C.DLL
2012-09-13 03:19:00 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Local\Adobe
2012-09-13 02:16:08 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2012-09-13 01:57:36 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Local\Macromedia
2012-09-13 01:57:27 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-13 01:57:27 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-13 01:41:48 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Local\Mozilla
2012-09-13 01:41:45 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-09-13 01:39:03 57072 ----a-w- C:\Windows\System32\drivers\MS2Filter.sys
2012-09-13 01:39:03 31360 ----a-w- C:\Windows\SysWow64\drivers\MS2Filter.sys
2012-09-13 01:39:02 -------- d-----w- C:\Program Files (x86)\Thermaltake
2012-09-13 01:38:56 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-09-13 01:38:56 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-09-13 01:38:56 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-09-13 01:38:56 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-09-13 01:38:56 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-09-13 01:38:56 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-09-13 01:38:56 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-09-13 01:28:27 -------- d-----w- C:\Windows\SysWow64\Wat
2012-09-13 01:28:27 -------- d-----w- C:\Windows\System32\Wat
2012-09-13 01:28:14 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-09-13 01:28:14 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-09-13 01:28:14 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-09-13 01:15:53 -------- d-----w- C:\Windows\Panther
2012-09-13 01:07:13 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-09-13 01:07:13 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-09-13 01:07:13 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-09-13 01:07:13 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-09-13 01:07:13 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-09-13 01:07:13 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-09-13 01:07:13 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-09-13 01:05:50 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-09-13 01:04:08 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Local\WindowsUpdate
2012-09-13 01:02:41 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Local\ATI
2012-09-13 01:02:22 0 ----a-w- C:\Windows\ativpsrm.bin
2012-09-13 01:01:48 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2012-09-13 01:01:48 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-09-13 01:01:48 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-09-13 01:01:40 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-09-13 01:01:35 -------- d-----w- C:\Program Files\ATI Technologies
2012-09-13 01:01:32 -------- d-----w- C:\Program Files\ATI
2012-09-13 01:00:57 -------- d-----w- C:\AMD
2012-09-13 00:56:38 -------- d-----w- C:\Users\Will Reed-Green Clea\AppData\Roaming\Intel Corporation
2012-09-13 00:56:14 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2012-09-13 00:55:51 30528 ----a-w- C:\Windows\GVTDrv64.sys
2012-09-13 00:55:34 25640 ----a-w- C:\Windows\gdrv.sys
2012-09-13 00:48:22 -------- d-----w- C:\Program Files (x86)\AMD
2012-09-13 00:42:36 254464 ----a-r- C:\Windows\System32\drivers\xhcdrv.sys
2012-09-13 00:41:54 568600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-09-13 00:41:11 646248 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-09-13 00:41:10 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-09-13 00:41:10 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-09-13 00:39:59 200800 ----a-w- C:\Windows\System32\AERTAC64.dll
.
==================== Find3M ====================
.
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 19:01:20 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-08-21 19:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-08-21 19:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-07-28 04:47:40 187392 ----a-w- C:\Windows\System32\clinfo.exe
2012-07-28 04:47:24 75776 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-07-28 04:47:16 65024 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-07-28 04:47:10 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-07-28 04:47:06 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-07-28 04:46:56 16464896 ----a-w- C:\Windows\System32\amdocl64.dll
2012-07-28 04:46:06 13013504 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-07-28 04:44:56 54784 ----a-w- C:\Windows\System32\OpenCL.dll
2012-07-28 04:44:42 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-07-28 04:09:20 5538984 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-07-28 04:07:44 10278912 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-07-28 03:43:12 70144 ----a-w- C:\Windows\System32\coinst_8.982.dll
2012-07-28 03:19:34 24935424 ----a-w- C:\Windows\System32\atio6axx.dll
2012-07-28 02:50:10 20546560 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-07-28 02:15:50 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-07-28 02:15:42 931328 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-07-28 02:13:56 1100288 ----a-w- C:\Windows\System32\aticfx64.dll
2012-07-28 02:10:40 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-07-28 02:10:34 534528 ----a-w- C:\Windows\System32\atieclxx.exe
2012-07-28 02:09:44 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-07-28 02:08:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-07-28 02:08:04 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-07-28 02:07:58 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-07-28 02:07:52 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-07-28 02:07:10 6430208 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-07-28 01:51:12 7052288 ----a-w- C:\Windows\System32\atidxx64.dll
2012-07-28 01:41:32 4266496 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-07-28 01:35:10 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-07-28 01:35:08 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-07-28 01:35:02 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-07-28 01:35:00 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-07-28 01:34:48 16034304 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-07-28 01:32:32 4751872 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-07-28 01:30:10 13605888 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-07-28 01:25:52 6676480 ----a-w- C:\Windows\System32\atiumd64.dll
2012-07-28 01:22:36 77312 ----a-w- C:\Windows\System32\amdave64.dll
2012-07-28 01:22:28 77312 ----a-w- C:\Windows\SysWow64\amdave32.dll
2012-07-28 01:22:16 74240 ----a-w- C:\Windows\System32\atisamu64.dll
2012-07-28 01:22:10 71168 ----a-w- C:\Windows\atisamu32.dll
2012-07-28 01:15:32 540160 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-07-28 01:15:22 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-07-28 01:15:12 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-07-28 01:15:08 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-07-28 01:15:08 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-07-28 01:15:04 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-07-28 01:14:56 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-07-28 01:14:46 368640 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-07-28 01:13:54 129536 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-07-28 01:13:48 109568 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-07-28 01:13:40 103936 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-07-28 01:13:32 83456 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-07-28 01:12:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-07-28 01:08:42 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-07-28 01:08:36 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-07-04 20:26:03 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
.
============= FINISH: 20:53:38.15 ===============
Will Reed
Active Member
 
Posts: 10
Joined: September 20th, 2012, 10:47 pm

Re: lb.adnxs.com

Unread postby nunped » September 22nd, 2012, 1:10 pm

Hello Will Reed, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems. I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher. Because of this, my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easily as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights permissions for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!


Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: lb.adnxs.com

Unread postby nunped » September 25th, 2012, 10:52 am

Hi Will Reed, :)

Can you tell me what problems you are experiencing with your computer?

I also need the Attach.txt file, created by DDS. If you can't find it, please run DDS one more time and copy/paste the contents of attach.txt in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: lb.adnxs.com

Unread postby nunped » September 28th, 2012, 9:10 am

Hi Will Reed :)

It's been almost 3 days since my last post.
Do you still need our assistance?
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: lb.adnxs.com

Unread postby Will Reed » September 28th, 2012, 11:14 am

Yes, I will be posting the text file today.
Will Reed
Active Member
 
Posts: 10
Joined: September 20th, 2012, 10:47 pm

Re: lb.adnxs.com

Unread postby Will Reed » September 28th, 2012, 11:20 am

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/12/2012 6:34:05 PM
System Uptime: 9/28/2012 9:08:56 AM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | Z77X-UP4 TH
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz | Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz | 3403/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 23.85 GiB free.
D: is FIXED (NTFS) - 1863 GiB total, 1545.314 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Canon MX860 ser Network
Device ID: ROOT\CANON_IJ_NETWORK\0000
Manufacturer: Canon
Name: Canon MX860 ser Network
PNP Device ID: ROOT\CANON_IJ_NETWORK\0000
Service: StillCam
.
==== System Restore Points ===================
.
RP35: 9/20/2012 7:59:12 AM - Windows Update
RP36: 9/21/2012 12:37:58 AM - Windows Update
RP37: 9/22/2012 11:44:05 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP38: 9/22/2012 11:44:13 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP39: 9/22/2012 11:49:04 PM - Windows Update
RP40: 9/23/2012 3:00:10 AM - Windows Update
RP41: 9/24/2012 12:04:39 AM - Windows Update
RP42: 9/24/2012 10:59:56 PM - Installed DirectX
RP43: 9/26/2012 12:43:41 PM - Windows Update
.
==== Installed Programs ======================
.
@BIOS
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Alien Breed 3: Descent
Apple Application Support
Apple Software Update
AutoGreen B12.0206.1
avast! Free Antivirus
Batman: Arkham Asylum GOTY Edition
Beat Hazard
Borderlands
Borderlands 2
BRINK
Call of Duty: World at War
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 2.1
Canon MX860 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Command and Conquer 4: Tiberian Twilight
Company of Heroes
Company of Heroes: Tales of Valor
Crysis 2 Maximum Edition
Darksiders
Dead Space
DefaultTab
Defense Grid: The Awakening
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Duke Nukem Forever
Dungeon Defenders
Dungeon Siege III
DUNGEONS - Steam Special Edition
DUNGEONS - The Dark Lord (Steam Special Edition)
Easy Tune 6 B12.0525.1
Endless Space
Evochron Mercenary
F.E.A.R. 2: Project Origin
F.E.A.R. 3
Front Mission Evolved
Frontlines: Fuel of War
Google Chrome
Google Chrome Frame
Google Update Helper
Grand Theft Auto IV
Grand Theft Auto: San Andreas
Heroes of Might and Magic V
Heroes of Might and Magic V: Hammers of Fate
Heroes of Might and Magic V: Tribes of the East
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
King Arthur - The Role-playing Wargame
Left 4 Dead 2
Mass Effect
Medal of Honor: Airborne
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mount & Blade
Mount & Blade: Warband
Mount & Blade: With Fire and Sword
Mozilla Firefox 13.0 (x86 en-US)
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
Nation Red
Neverwinter Nights 2: Platinum
ON_OFF Charge B11.1102.1
Orcs Must Die! 2
Painkiller Overdose
PDFCreator
Platform
Post Apocalyptic Mayhem
Qwiklinx
Rapport
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Resident Evil 5
S.T.A.L.K.E.R.: Shadow of Chernobyl
Searchqu Toolbar
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Sins of a Solar Empire: Rebellion
Spybot - Search & Destroy
Star Wars: Knights of the Old Republic
Steam
Supreme Commander 2
The Darkness II
The Elder Scrolls IV: Oblivion
The Last Remnant
Transformers: War for Cybertron
Tt eSPORTS BLACK Element
Universe Sandbox
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VIA Platform Device Manager
VideoFileDownload
Warhammer 40,000 Space Marine
Warhammer® 40,000™: Dawn of War® II – Retribution™
X-COM: Enforcer
XCOM: Enemy Unknown Demo
Yahoo! Software Update
Yahoo! Toolbar
Zombie Driver
.
==== Event Viewer Messages From Past Week ========
.
9/27/2012 8:31:16 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.
9/27/2012 8:31:16 AM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/26/2012 5:45:06 PM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
9/26/2012 5:45:05 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Capability Licensing Service Interface service to connect.
9/26/2012 5:45:05 PM, Error: Service Control Manager [7000] - The Intel(R) Capability Licensing Service Interface service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/25/2012 6:02:04 PM, Error: Service Control Manager [7034] - The Microsoft Software Shadow Copy Provider service terminated unexpectedly. It has done this 1 time(s).
9/22/2012 11:48:56 PM, Error: Service Control Manager [7034] - The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================


My computer acts normally other than it has ad pops while reading some web content.
Will Reed
Active Member
 
Posts: 10
Joined: September 20th, 2012, 10:47 pm

Re: lb.adnxs.com

Unread postby nunped » September 29th, 2012, 10:54 am

Hi Will Reed!

Please follow the following steps:

Step 1 - Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the open text box copy/paste appwiz.cpl, then click OK.
  • Uninstall the following if present:
    Qwiklinx
    Searchqu Toolbar
    VideoFileDownload
    DefaultTab


Step 2 - Perform a Custom Fix with OTL
Please right-click on the filename link below and select "Save target as..." or "Save Link as...", choose the Desktop location, and choose to save as the filename: Fix.txt
Vista or Win 7, 64 bit: SQW7-Vista_x64.TXT

Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
Right click the OTL icon and choose "Run as administrator"
  • Click the Run Fix button at the top.
  • You will see a popup dialog reporting "No fix has been provided. Click OK to load from a file or Cancel". Click on OK
  • When the Open dialog comes up, Navigate to the Desktop, scroll to find the file named Fix.txt and click Open
  • Some text will appear in the Custom scans/Fixes box.
  • Click the Run Fix button.
  • Let the program run unhindered and reboot the PC when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • Copy the contents of that file and post it in your next reply. The file will also appear on the OTL location.

Step 3 - Scan with SystemLook
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


  • Right click SystemLook.exe and select "run as administrator" to run it.
  • Copy and paste the content of the following codebox into the main textfield:
    :filefind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *eoengine*
    *eobho*
    *EoRezo*
    
    :folderfind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    
    :Regfind
    Fun4IM
    Bandoo
    Searchnu
    Searchqu
    iLivid
    whitesmoke
    datamngr
    kelkoopartners
    trolltech
    AFBB7970-789A-4264-BA70-E8127DECE400
    18AF7201-4F14-4BCF-93FE-45617CF259FF
    DF76E9B7-35EC-46FC-AF56-5B79DED9D64F
    C10DC1F4-CCDF-4224-A24D-B23AFC3573C8
    EoRezo
    eobho
    ieobho
    eoengine
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


For your next reply, please post:

  • Log from OTL
  • Log from SystemLook (systemlook.txt)
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: lb.adnxs.com

Unread postby Will Reed » September 30th, 2012, 3:23 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 11:11 on 30/09/2012 by Will Reed-Green Clea
Administrator - Elevation successful

========== filefind ==========

Searching for "*Fun4IM*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*Searchqu*"
C:\Users\Will Reed-Green Clea\AppData\Local\Temp\searchqutoolbar-manifest.xml --a---- 9422 bytes [08:42 27/02/2012] [08:42 27/02/2012] B4CF632013D5A08B137DB737D2825F12

Searching for "*iLivid*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*datamngr*"
No files found.

Searching for "*trolltech*"
No files found.

Searching for "*eoengine*"
No files found.

Searching for "*eobho*"
No files found.

Searching for "*EoRezo*"
No files found.

========== folderfind ==========

Searching for "*Fun4IM*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Searchqu*"
C:\Users\Will Reed-Green Clea\AppData\LocalLow\searchquband d------ [07:07 14/09/2012]

Searching for "*iLivid*"
C:\Users\Will Reed-Green Clea\AppData\Local\Ilivid Player d------ [21:00 17/09/2012]

Searching for "*whitesmoke*"
No folders found.

Searching for "*datamngr*"
C:\Users\Will Reed-Green Clea\AppData\LocalLow\DataMngr d------ [07:07 14/09/2012]

Searching for "*trolltech*"
No folders found.

========== Regfind ==========

Searching for "Fun4IM"
No data found.

Searching for "Bandoo"
No data found.

Searching for "Searchnu"
No data found.

Searching for "Searchqu"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&appid=384&systemid=406&qu={searchTerms}&ft=json"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}]
@="Searchqu Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32]
@="C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&appid=384&systemid=406&qu={searchTerms}&ft=json"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&appid=384&systemid=406&qu={searchTerms}&ft=json"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{99079a25-328f-4bd4-be04-00955acaa0a7}"="Searchqu Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
@="Searchqu Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}]
@="Searchqu Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32]
@="C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\AppDataLow\Software\searchqutoolbar]
[HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&appid=384&systemid=406&qu={searchTerms}&ft=json"

Searching for "iLivid"
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\iLivid]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files (x86)\iLivid]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetupV1.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASMANCS]
[HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\iLivid]
[HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files (x86)\iLivid]

Searching for "whitesmoke"
No data found.

Searching for "datamngr"
[HKEY_CURRENT_USER\Software\Datamngr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32]
@="C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32]
@="C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll"
[HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Datamngr]

Searching for "kelkoopartners"
No data found.

Searching for "trolltech"
[HKEY_CURRENT_USER\Software\Trolltech]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Trolltech]
[HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]

Searching for "AFBB7970-789A-4264-BA70-E8127DECE400"
No data found.

Searching for "18AF7201-4F14-4BCF-93FE-45617CF259FF"
No data found.

Searching for "DF76E9B7-35EC-46FC-AF56-5B79DED9D64F"
No data found.

Searching for "C10DC1F4-CCDF-4224-A24D-B23AFC3573C8"
No data found.

Searching for "EoRezo"
No data found.

Searching for "eobho"
No data found.

Searching for "ieobho"
No data found.

Searching for "eoengine"
No data found.

-= EOF =-
Will Reed
Active Member
 
Posts: 10
Joined: September 20th, 2012, 10:47 pm
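
Added example (not part of the thread and not code from SystemLook or its author): a Python sketch that parses a SystemLook log in the format posted above and groups the Regfind hits by the Internet Explorer or COM registration point they touch, which is the triage a helper does by eye. The sample is a shortened excerpt of that log; the function names and category labels are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Shortened excerpt of the SystemLook log posted in this thread.
SAMPLE_LOG = r"""
========== filefind ==========

Searching for "*Bandoo*"
No files found.

Searching for "*Searchqu*"
C:\Users\Will Reed-Green Clea\AppData\Local\Temp\searchqutoolbar-manifest.xml --a---- 9422 bytes [08:42 27/02/2012] [08:42 27/02/2012] B4CF632013D5A08B137DB737D2825F12

========== folderfind ==========

Searching for "*datamngr*"
C:\Users\Will Reed-Green Clea\AppData\LocalLow\DataMngr d------ [07:07 14/09/2012]

========== Regfind ==========

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32]
@="C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]
"SuggestionsURL_JSON"="http://www.searchqu.com/suggest.php?src=ieb&appid=384&systemid=406&qu={searchTerms}&ft=json"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{99079a25-328f-4bd4-be04-00955acaa0a7}"="Searchqu Toolbar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
@="Searchqu Toolbar"

Searching for "whitesmoke"
No data found.

-= EOF =-
"""

SECTION_RE = re.compile(r"^=+\s*(\w+)\s*=+$")          # ========== Regfind ==========
TERM_RE = re.compile(r'^Searching for "(.*)"$')        # Searching for "Searchqu"
NO_HIT_RE = re.compile(r"^No (files|folders|data) found\.$")

# Hypothetical category labels, matched against the lower-cased key path.
CATEGORIES = [
    ("\\browser helper objects\\", "Browser Helper Object"),
    ("\\internet explorer\\toolbar", "IE toolbar"),
    ("\\internet explorer\\searchscopes\\", "IE search provider"),
    ("\\inprocserver32", "COM server DLL"),
    ("\\microsoft\\tracing\\", "Tracing key"),
]


def parse_systemlook(text):
    """Return {section: {term: [hit, ...]}}.

    File and folder hits are the raw result lines. A Regfind hit is a
    (key, [value lines]) tuple, so values stay attached to their key.
    """
    results = defaultdict(dict)
    section = term = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or NO_HIT_RE.match(line):
            continue
        if line == "-= EOF =-":
            break
        m = SECTION_RE.match(line)
        if m:
            section, term = m.group(1).lower(), None
            continue
        m = TERM_RE.match(line)
        if m:
            term = m.group(1)
            if section is not None:
                results[section][term] = []   # a term with no hits keeps an empty list
            continue
        if section is None or term is None:
            continue                          # banner lines before the first section
        hits = results[section][term]
        if section == "regfind":
            if line.startswith("[") and line.endswith("]"):
                hits.append((line[1:-1], []))
            elif hits:
                hits[-1][1].append(line)      # value line belongs to the last key seen
        else:
            hits.append(line)
    return results


def classify_key(key):
    """Map a registry key path to one of the labels in CATEGORIES."""
    lowered = key.lower()
    for needle, label in CATEGORIES:
        if needle in lowered:
            return label
    return "other"


def triage(text):
    """Group Regfind keys by category, de-duplicated across search terms."""
    grouped = defaultdict(set)
    for hits in parse_systemlook(text).get("regfind", {}).values():
        for key, _values in hits:
            grouped[classify_key(key)].add(key)
    return {label: sorted(keys) for label, keys in grouped.items()}


if __name__ == "__main__":
    for label, keys in sorted(triage(SAMPLE_LOG).items()):
        print(f"{label}: {len(keys)}")
        for key in keys:
            print("   ", key)
```

De-duplicating across terms matters on the full log, where the same InprocServer32 key is reported under both "Searchqu" and "datamngr".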

Re: lb.adnxs.com

Unread postby Will Reed » September 30th, 2012, 3:26 pm

OTL logfile created on: 9/30/2012 10:24:55 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Will Reed-Green Clea\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 13.17 Gb Available Physical Memory | 82.55% Memory free
31.90 Gb Paging File | 28.91 Gb Available in Paging File | 90.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 24.04 Gb Free Space | 21.52% Space Free | Partition Type: NTFS
Drive D: | 1863.02 Gb Total Space | 1545.30 Gb Free Space | 82.95% Space Free | Partition Type: NTFS
Drive G: | 14.90 Gb Total Space | 6.57 Gb Free Space | 44.09% Space Free | Partition Type: FAT32

Computer Name: WILLREED-GREENC | User Name: Will Reed-Green Clea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/30 10:20:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Will Reed-Green Clea\Desktop\OTL.exe
PRC - [2012/09/15 12:47:49 | 000,917,984 | ---- | M] (Mozilla Corporation) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/09/12 20:16:36 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/09/12 20:16:16 | 001,353,080 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/09/12 19:57:27 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2012/09/07 11:07:12 | 001,677,144 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/09/07 11:07:12 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/08/21 03:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 03:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/27 02:14:27 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/02/01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/12/16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/12/16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/12/16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/07/12 02:14:26 | 000,331,776 | R--- | M] (VIA Technologies, Inc.) -- C:\VIA_XHCI\usb3Monitor.exe
PRC - [2010/12/08 08:54:12 | 016,889,640 | ---- | M] (Thermaltake) -- C:\Program Files (x86)\Thermaltake\Tt eSPORTS BLACK Element\BlackElement.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/09 08:07:56 | 000,107,912 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/19 07:26:53 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2012/09/15 12:47:48 | 002,244,064 | ---- | M] () -- D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/09/12 21:47:27 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8ab16b2721684612a1c9053401797082\IAStorUtil.ni.dll
MOD - [2012/09/12 21:47:27 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\0ac5296285b1a74de78ded1c844cfb60\IAStorCommon.ni.dll
MOD - [2012/09/12 20:16:36 | 020,317,008 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/09/12 20:16:36 | 001,099,616 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/09/12 20:16:36 | 000,902,480 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/09/12 20:16:36 | 000,190,816 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/09/12 20:16:36 | 000,123,232 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/09/12 19:57:27 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012/09/12 19:23:47 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/09/12 19:23:36 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/09/12 19:23:32 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/09/12 19:23:27 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/09/12 19:23:24 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/09/12 19:23:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/09/12 19:23:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/09/12 19:23:20 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/08/21 18:18:44 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2010/11/18 09:16:58 | 000,747,304 | ---- | M] () -- C:\Program Files (x86)\Thermaltake\Tt eSPORTS BLACK Element\Ms2Osd.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/21 03:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/07/27 20:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/12/08 16:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/13 13:53:40 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/12 20:16:36 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/07 11:07:12 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/01 09:39:50 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/12/16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/12/16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/12/16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/08/30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/09 08:07:56 | 000,107,912 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2012/09/07 11:07:30 | 000,101,688 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/21 03:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 03:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 03:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 03:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 03:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 03:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/07/27 22:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/07/27 19:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/27 02:13:18 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/03/27 02:13:18 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/03/27 02:13:17 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012/01/19 22:39:16 | 000,205,312 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2012/01/19 22:39:04 | 000,254,464 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2011/12/02 04:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/11/02 10:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011/09/29 03:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/23 17:31:34 | 000,057,072 | ---- | M] (Thermaltake) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MS2Filter.sys -- (Thermnaltake MS2 Filter)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/09/26 10:52:47 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012/09/26 10:52:32 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012/09/19 07:26:53 | 000,397,720 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_42020.sys -- (RapportCerberus_42020)
DRV - [2012/09/07 11:07:30 | 000,297,240 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2012/09/07 11:07:30 | 000,055,096 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2010/09/23 17:30:18 | 000,031,360 | ---- | M] (Thermaltake) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\MS2Filter.sys -- (Thermnaltake MS2 Filter)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=adknlg ... 1509737446
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDtBtAtC0C0CyDzyyDtCtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1509737446
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=adknlg ... 1509737446
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDtBtAtC0C0CyDzyyDtCtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1509737446
IE - HKLM\..\SearchScopes\{700F9C3E-35B5-4203-B532-723DBB542CF1}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://www.optionshouse.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://app.servicemonster.net/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.optionshouse.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C3 34 37 FC 4E 91 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {c111c814-fd58-0a04-3924-998b53830e29} - C:\Program Files (x86)\Shop to Win 29\Helper.dll ()
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDtBtAtC0C0CyDzyyDtCtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1509737446
IE - HKCU\..\SearchScopes\{211D2075-11CC-421B-9A9F-00A93B17D533}: "URL" = http://www.mysearchresults.com/search?&c=4200&t=11&q={searchTerms}
IE - HKCU\..\SearchScopes\{700F9C3E-35B5-4203-B532-723DBB542CF1}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://us.mg6.mail.yahoo.com/neo/launch?.rand=f868ioqciclin|http://www.truckmountforums.com/forum.php|http://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: plugin@vfd.com:1.5
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.4.8.20120412011105
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1466
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=384&systemid=406&sr=0&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: D:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/14 01:34:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012/09/15 12:47:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012/09/15 12:47:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/16 12:54:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Extensions
[2012/09/20 19:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions
[2012/09/12 19:41:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/09/13 09:19:52 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\plugin@vfd.com
[2012/09/13 11:13:00 | 000,001,982 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\searchplugins\search-here.xml
[2012/09/13 09:23:12 | 000,002,343 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\searchplugins\Search.xml
[2012/09/13 18:20:07 | 000,002,519 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\searchplugins\Search_Results.xml
[2012/09/14 01:34:30 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

O1 HOSTS File: ([2012/09/16 12:57:54 | 000,444,301 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15258 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Shop to Win) - {5ABD6C72-FFD7-B634-A92B-D77D5960E009} - C:\Program Files (x86)\Shop to Win 29\Shop to Win 29.dll (Shop To Win, LLC)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\npchrome_frame.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Tt eSPORTS BLACK Element Gaming Mouse] C:\Program Files (x86)\Thermaltake\Tt eSPORTS BLACK Element\BlackElement.exe (Thermaltake)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar" File not found
O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.145.248.4 69.146.17.2 69.144.49.29
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EFC7F4F-768D-462E-A7E2-09C2EF707DF2}: DhcpNameServer = 69.145.248.4 69.146.17.2 69.144.49.29
O18:64bit: - Protocol\Handler\gcf - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\npchrome_frame.dll (Google Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/04 18:13:52 | 000,000,110 | -H-- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/30 10:20:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Will Reed-Green Clea\Desktop\OTL.exe
[2012/09/26 10:55:56 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012/09/23 03:00:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/23 03:00:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/23 03:00:21 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/23 03:00:21 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/23 03:00:21 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/23 03:00:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/23 03:00:21 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/23 03:00:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/23 03:00:20 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/23 03:00:20 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/23 03:00:20 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/23 03:00:20 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/23 03:00:19 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/09/23 03:00:19 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/23 03:00:19 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/09/19 21:31:20 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/09/19 12:21:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/09/19 12:21:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/09/19 12:21:06 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/09/19 12:19:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/09/19 12:19:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/09/19 12:19:36 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Microsoft Help
[2012/09/19 12:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/09/19 12:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/09/19 12:19:27 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/09/19 07:26:53 | 000,101,688 | ---- | C] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2012/09/19 07:26:48 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Trusteer
[2012/09/19 07:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Rapport
[2012/09/19 07:26:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trusteer
[2012/09/19 07:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Trusteer
[2012/09/17 15:00:57 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Ilivid Player
[2012/09/15 22:55:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/09/15 15:58:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2012/09/15 15:58:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ironclad Games
[2012/09/14 01:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/09/14 01:34:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/09/14 01:34:34 | 000,969,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/09/14 01:34:34 | 000,359,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/09/14 01:34:34 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/09/14 01:34:34 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/09/14 01:34:34 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/09/14 01:34:34 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/09/14 01:34:34 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/09/14 01:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/09/14 01:34:27 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/09/14 01:34:27 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/09/14 01:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/09/14 01:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/09/14 01:23:58 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\Documents\David Deangelo
[2012/09/14 01:21:14 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\Documents\SMM
[2012/09/14 01:19:11 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\Documents\BioWare
[2012/09/13 21:55:15 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\Documents\Carpet Cleaning
[2012/09/13 18:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Searchqu Toolbar
[2012/09/13 18:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/09/13 16:41:53 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\Documents\my games
[2012/09/13 15:32:08 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/09/13 15:32:08 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/09/13 15:32:08 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/09/13 15:32:08 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/09/13 15:32:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/09/13 15:32:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/09/13 15:32:08 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/09/13 15:13:14 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/09/13 15:13:14 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/09/13 12:57:42 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\Documents\Endless Space
[2012/09/13 12:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2012/09/13 12:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2012/09/13 12:44:07 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Yahoo!
[2012/09/13 12:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2012/09/13 11:31:35 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\Documents\Shiner
[2012/09/13 11:31:32 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/09/13 11:31:32 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/09/13 11:31:32 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/09/13 11:31:32 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/09/13 11:31:32 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/09/13 11:31:32 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/09/13 11:31:32 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/09/13 11:31:32 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/09/13 11:31:32 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/09/13 11:31:32 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/09/13 11:31:32 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/09/13 11:31:32 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/09/13 11:31:32 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/09/13 11:31:32 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/09/13 11:31:31 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/09/13 11:31:31 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/09/13 11:31:31 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/09/13 11:31:31 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/09/13 11:31:31 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/09/13 11:31:31 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/09/13 11:31:31 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/09/13 11:31:31 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/09/13 11:31:30 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/09/13 11:31:30 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/09/13 11:31:30 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/09/13 11:31:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/09/13 11:31:30 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/09/13 11:31:30 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/09/13 11:31:30 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/09/13 11:31:30 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/09/13 11:31:30 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/09/13 11:31:30 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/09/13 11:31:30 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/09/13 11:31:30 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/09/13 11:31:30 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/09/13 11:31:30 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/09/13 11:31:29 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/09/13 11:31:29 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/09/13 11:31:29 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/09/13 11:31:29 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/09/13 11:31:29 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/09/13 11:31:29 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012/09/13 11:31:29 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/09/13 11:31:29 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/09/13 11:31:29 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/09/13 11:31:29 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012/09/13 11:31:29 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/09/13 11:31:29 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/09/13 11:31:28 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/09/13 11:31:28 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/09/13 11:31:28 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/09/13 11:31:28 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/09/13 11:31:28 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/09/13 11:31:28 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/09/13 11:31:28 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/09/13 11:31:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/09/13 11:31:27 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/09/13 11:31:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/09/13 11:31:27 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/09/13 11:31:27 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/09/13 11:31:27 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/09/13 11:31:27 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/09/13 11:31:27 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/09/13 11:31:27 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/09/13 11:31:26 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/09/13 11:31:26 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/09/13 11:31:26 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/09/13 11:31:26 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/09/13 11:31:26 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/09/13 11:31:26 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/09/13 11:31:25 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/09/13 11:31:25 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/09/13 11:31:25 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/09/13 11:31:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/09/13 11:31:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/09/13 11:31:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/09/13 11:31:23 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/09/13 11:31:23 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/09/13 11:31:23 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/09/13 11:31:23 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/09/13 11:31:23 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/09/13 11:31:23 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/09/13 11:31:23 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/09/13 11:31:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/09/13 11:31:23 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/09/13 11:31:23 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/09/13 11:31:23 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/09/13 11:31:23 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/09/13 11:31:23 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/09/13 11:31:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/09/13 11:31:21 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/09/13 11:31:21 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/09/13 11:31:21 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/09/13 11:31:21 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/09/13 11:31:21 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/09/13 11:31:21 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/09/13 11:31:21 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/09/13 11:31:21 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/09/13 11:31:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/09/13 11:31:21 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/09/13 11:31:21 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/09/13 11:31:21 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/09/13 11:31:15 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/09/13 11:31:15 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/09/13 11:31:15 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/09/13 11:31:15 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/09/13 11:31:15 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/09/13 11:31:15 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/09/13 11:31:15 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/09/13 11:31:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/09/13 11:31:14 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/09/13 11:31:14 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/09/13 11:31:14 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/09/13 11:31:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/09/13 11:31:14 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/09/13 11:31:14 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/09/13 11:31:14 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/09/13 11:31:14 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/09/13 11:31:14 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/09/13 11:31:14 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/09/13 11:31:14 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/09/13 11:31:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/09/13 11:31:14 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/09/13 11:31:14 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/09/13 11:31:14 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/09/13 11:31:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/09/13 11:31:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/09/13 11:31:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/09/13 11:31:14 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/09/13 11:31:14 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/09/13 11:31:14 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/09/13 11:31:14 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/09/13 11:31:14 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/09/13 11:31:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/09/13 11:31:14 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/09/13 11:31:14 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/09/13 11:31:14 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/09/13 11:31:14 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/09/13 11:31:13 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/09/13 11:31:13 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/09/13 11:31:13 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/09/13 11:31:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/09/13 11:31:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/09/13 11:31:13 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/09/13 11:31:13 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/09/13 11:31:13 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/09/13 11:31:13 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/09/13 11:31:13 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/09/13 11:31:13 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/09/13 11:31:13 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/09/13 11:31:13 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/09/13 11:31:13 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/09/13 11:31:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/09/13 11:31:13 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/09/13 11:31:13 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/09/13 11:31:13 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/09/13 11:31:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/09/13 11:31:13 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/09/13 11:31:13 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/09/13 11:31:13 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/09/13 11:31:13 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/09/13 11:31:13 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/09/13 11:31:13 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/09/13 11:31:13 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/09/13 11:31:12 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/09/13 11:31:12 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/09/13 11:31:12 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/09/13 11:31:12 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/09/13 11:31:12 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/09/13 11:31:12 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/09/13 11:31:12 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/09/13 11:31:12 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/09/13 11:31:12 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/09/13 11:31:12 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/09/13 11:31:12 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/09/13 11:31:12 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/09/13 11:31:12 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/09/13 11:31:12 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/09/13 11:31:11 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/09/13 11:31:11 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/09/13 11:31:11 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/09/13 11:31:11 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
Last edited by Jack&Jill on September 30th, 2012, 8:28 pm, edited 1 time in total.
Reason: Disable links

Re: lb.adnxs.com

Post by Will Reed » September 30th, 2012, 3:27 pm

[2012/09/13 10:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/09/13 10:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/09/13 10:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/09/13 10:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/09/13 10:02:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/09/13 09:23:01 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012/09/13 09:23:01 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012/09/13 09:23:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012/09/13 09:23:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012/09/13 09:23:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012/09/13 09:20:48 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 29
[2012/09/13 09:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shop to Win 29
[2012/09/13 09:19:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OApps
[2012/09/13 09:19:49 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Google
[2012/09/12 21:40:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenu
[2012/09/12 21:28:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2012/09/12 21:28:54 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2012/09/12 21:28:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX860 series User Registration
[2012/09/12 21:27:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
[2012/09/12 21:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012/09/12 21:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012/09/12 21:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX860 series Manual
[2012/09/12 21:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX860 series
[2012/09/12 21:26:40 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/09/12 21:26:32 | 000,251,904 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6PPM.DLL
[2012/09/12 21:26:32 | 000,152,064 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMN6UI.DLL
[2012/09/12 21:25:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/09/12 21:25:33 | 000,262,656 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCF2Lj.DLL
[2012/09/12 21:25:33 | 000,232,448 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFMSj.EXE
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjUS.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjTH.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjSE.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjRU.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjPT.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjPL.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjNL.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjIT.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjID.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjGR.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjFR.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjFI.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjES.DLL
[2012/09/12 21:25:33 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjDE.DLL
[2012/09/12 21:25:33 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjTR.DLL
[2012/09/12 21:25:33 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjNO.DLL
[2012/09/12 21:25:33 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjKR.DLL
[2012/09/12 21:25:33 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjJP.DLL
[2012/09/12 21:25:33 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjHU.DLL
[2012/09/12 21:25:33 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjDK.DLL
[2012/09/12 21:25:33 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjCZ.DLL
[2012/09/12 21:25:33 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjAR.DLL
[2012/09/12 21:25:33 | 000,002,048 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjTW.DLL
[2012/09/12 21:25:33 | 000,002,048 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNCFLjCN.DLL
[2012/09/12 21:25:24 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012/09/12 21:25:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012/09/12 21:25:20 | 000,290,816 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLM9N.DLL
[2012/09/12 21:24:59 | 001,342,976 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC860C.DLL
[2012/09/12 21:24:59 | 000,299,520 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC860L.DLL
[2012/09/12 21:24:59 | 000,235,008 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNC860O.DLL
[2012/09/12 21:24:59 | 000,092,672 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC860I.DLL
[2012/09/12 21:24:59 | 000,017,920 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNHMCA6.DLL
[2012/09/12 21:19:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/09/12 21:19:00 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Adobe
[2012/09/12 21:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/09/12 21:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/09/12 21:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/09/12 21:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/09/12 20:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/09/12 20:16:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/09/12 20:07:41 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Apple Computer
[2012/09/12 20:07:41 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Apple Computer
[2012/09/12 20:07:40 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/09/12 20:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/12 20:07:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/09/12 20:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/09/12 20:07:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/09/12 20:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/09/12 20:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/09/12 20:07:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/09/12 20:07:27 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Apple
[2012/09/12 20:07:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/09/12 20:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/09/12 20:07:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/09/12 20:07:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/09/12 20:07:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/09/12 19:57:36 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Macromedia
[2012/09/12 19:57:36 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Macromedia
[2012/09/12 19:57:36 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Adobe
[2012/09/12 19:57:27 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/12 19:57:27 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/12 19:57:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/09/12 19:57:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/09/12 19:41:48 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla
[2012/09/12 19:41:48 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Mozilla
[2012/09/12 19:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/09/12 19:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/09/12 19:39:44 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\Documents\Black Element
[2012/09/12 19:39:03 | 000,057,072 | ---- | C] (Thermaltake) -- C:\Windows\SysNative\drivers\MS2Filter.sys
[2012/09/12 19:39:03 | 000,031,360 | ---- | C] (Thermaltake) -- C:\Windows\SysWow64\drivers\MS2Filter.sys
[2012/09/12 19:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thermaltake
[2012/09/12 19:39:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thermaltake
[2012/09/12 19:28:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/09/12 19:28:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/09/12 19:28:14 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/09/12 19:15:53 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/09/12 19:10:11 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/09/12 19:10:11 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/09/12 19:10:11 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/09/12 19:10:11 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/09/12 19:10:11 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/09/12 19:10:11 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/09/12 19:10:11 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/09/12 19:10:11 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/09/12 19:10:11 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/09/12 19:10:11 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/09/12 19:10:11 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/09/12 19:10:11 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/09/12 19:10:11 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/09/12 19:10:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/09/12 19:10:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/09/12 19:10:11 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/09/12 19:10:11 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/09/12 19:10:11 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/09/12 19:10:11 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/09/12 19:10:11 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/09/12 19:10:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/09/12 19:10:11 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/09/12 19:10:11 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/09/12 19:10:11 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/09/12 19:10:11 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/09/12 19:10:11 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/09/12 19:10:11 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/09/12 19:10:11 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/09/12 19:10:11 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/09/12 19:10:11 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/09/12 19:10:11 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/09/12 19:10:11 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/09/12 19:10:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/09/12 19:10:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/09/12 19:10:11 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/09/12 19:10:11 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/09/12 19:10:11 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/09/12 19:10:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/09/12 19:10:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/09/12 19:10:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/09/12 19:10:11 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/09/12 19:10:11 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/09/12 19:10:11 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/09/12 19:10:11 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/09/12 19:10:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/09/12 19:10:11 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/09/12 19:10:11 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/09/12 19:10:11 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/09/12 19:10:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/09/12 19:10:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/09/12 19:10:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/09/12 19:10:11 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/09/12 19:10:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/09/12 19:10:11 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/09/12 19:10:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/09/12 19:10:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/09/12 19:10:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/09/12 19:07:13 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/09/12 19:07:13 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/09/12 19:07:13 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/09/12 19:06:22 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/09/12 19:06:22 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/09/12 19:06:20 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/09/12 19:06:20 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/09/12 19:06:20 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/09/12 19:06:20 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/09/12 19:06:20 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/09/12 19:06:20 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/09/12 19:06:20 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/09/12 19:06:20 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/09/12 19:06:19 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/09/12 19:06:19 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/09/12 19:06:19 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/09/12 19:06:18 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/09/12 19:06:18 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/09/12 19:06:18 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/09/12 19:06:17 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/09/12 19:06:17 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/09/12 19:06:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/09/12 19:06:17 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/09/12 19:06:17 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/09/12 19:06:16 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/09/12 19:06:16 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/09/12 19:06:16 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/09/12 19:06:16 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/12 19:06:16 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/09/12 19:06:16 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/09/12 19:06:16 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/12 19:06:16 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/09/12 19:06:16 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/09/12 19:06:16 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/09/12 19:06:16 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/09/12 19:06:16 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/09/12 19:06:16 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/09/12 19:06:16 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/09/12 19:06:16 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/09/12 19:06:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/09/12 19:06:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/09/12 19:06:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/09/12 19:06:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/09/12 19:06:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/09/12 19:06:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/09/12 19:06:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/09/12 19:06:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/09/12 19:06:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/09/12 19:06:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/09/12 19:06:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/09/12 19:06:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/09/12 19:06:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/09/12 19:06:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/09/12 19:06:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/09/12 19:06:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/09/12 19:06:15 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/09/12 19:06:15 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/09/12 19:06:15 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/09/12 19:06:15 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/09/12 19:06:15 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/09/12 19:06:15 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/09/12 19:06:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/09/12 19:06:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/09/12 19:06:15 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/09/12 19:06:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/09/12 19:06:15 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/09/12 19:06:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/09/12 19:06:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/09/12 19:06:15 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/09/12 19:06:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/09/12 19:06:13 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/09/12 19:06:13 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/09/12 19:06:13 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/09/12 19:06:13 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/09/12 19:06:13 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/09/12 19:06:13 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/09/12 19:06:13 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/09/12 19:06:13 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/09/12 19:06:13 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/09/12 19:06:13 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/09/12 19:06:13 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/09/12 19:06:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/09/12 19:06:13 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/09/12 19:06:13 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/09/12 19:06:13 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/09/12 19:06:13 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/09/12 19:06:13 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/09/12 19:06:13 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/09/12 19:06:13 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/09/12 19:06:13 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/09/12 19:06:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/09/12 19:06:12 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/09/12 19:06:12 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/09/12 19:06:12 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/09/12 19:06:12 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/09/12 19:06:12 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/09/12 19:06:12 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/09/12 19:06:12 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/09/12 19:06:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/09/12 19:06:11 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/09/12 19:06:11 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/09/12 19:06:11 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/09/12 19:06:11 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/09/12 19:06:11 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/09/12 19:06:11 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/09/12 19:06:11 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/09/12 19:06:11 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/09/12 19:06:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/09/12 19:06:11 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/09/12 19:06:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/09/12 19:06:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/09/12 19:06:11 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/09/12 19:06:11 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/09/12 19:06:11 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/09/12 19:06:10 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/09/12 19:06:10 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/09/12 19:06:10 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/09/12 19:06:10 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/09/12 19:06:10 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/09/12 19:06:10 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/09/12 19:06:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/09/12 19:06:10 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/09/12 19:06:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/09/12 19:06:09 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/09/12 19:06:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/09/12 19:06:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/09/12 19:06:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/09/12 19:06:05 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/09/12 19:06:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/09/12 19:06:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/09/12 19:05:50 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/09/12 19:05:50 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/09/12 19:05:50 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/09/12 19:05:50 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/09/12 19:05:50 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/09/12 19:05:02 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/09/12 19:05:02 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/09/12 19:05:02 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/09/12 19:05:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/09/12 19:05:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/09/12 19:04:08 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\WindowsUpdate
[2012/09/12 19:02:41 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\ATI
[2012/09/12 19:02:41 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\ATI
[2012/09/12 19:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/09/12 19:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012/09/12 19:01:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012/09/12 19:01:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/09/12 19:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/09/12 19:01:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/09/12 19:01:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/09/12 19:01:32 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/09/12 19:00:57 | 000,000,000 | ---D | C] -- C:\AMD
[2012/09/12 18:56:38 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Intel Corporation
[2012/09/12 18:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012/09/12 18:55:34 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012/09/12 18:48:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2012/09/12 18:48:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2012/09/12 18:43:34 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/09/12 18:43:34 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/09/12 18:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2012/09/12 18:43:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2012/09/12 18:43:04 | 000,000,000 | ---D | C] -- C:\VIA_XHCI
[2012/09/12 18:42:36 | 001,721,576 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfCoInstaller01009.dll
[2012/09/12 18:42:36 | 000,254,464 | R--- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\xhcdrv.sys
[2012/09/12 18:42:36 | 000,205,312 | R--- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\ViaHub3.sys
[2012/09/12 18:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2012/09/12 18:42:26 | 000,019,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012/09/12 18:42:21 | 000,789,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012/09/12 18:42:20 | 000,356,632 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012/09/12 18:42:14 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/09/12 18:42:14 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/09/12 18:42:14 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/09/12 18:42:14 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/09/12 18:42:14 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/09/12 18:42:14 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/09/12 18:42:14 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/09/12 18:42:13 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/09/12 18:42:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/09/12 18:41:54 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012/09/12 18:41:11 | 000,646,248 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012/09/12 18:41:10 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012/09/12 18:40:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/09/12 18:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/09/12 18:40:18 | 003,746,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll
[2012/09/12 18:40:18 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll
[2012/09/12 18:40:18 | 002,526,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll
[2012/09/12 18:40:18 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2012/09/12 18:40:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2012/09/12 18:40:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2012/09/12 18:40:18 | 000,239,208 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys
[2012/09/12 18:40:18 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2012/09/12 18:40:18 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll
[2012/09/12 18:40:18 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2012/09/12 18:40:18 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll
[2012/09/12 18:40:18 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2012/09/12 18:40:17 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll
[2012/09/12 18:40:17 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll
[2012/09/12 18:40:17 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll
[2012/09/12 18:40:16 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll
[2012/09/12 18:40:16 | 000,832,960 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll
[2012/09/12 18:40:16 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll
[2012/09/12 18:40:16 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll
[2012/09/12 18:40:12 | 002,603,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/09/12 18:40:12 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/09/12 18:40:12 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012/09/12 18:40:12 | 000,220,776 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2012/09/12 18:40:12 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/09/12 18:40:12 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/09/12 18:40:12 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/09/12 18:40:12 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012/09/12 18:40:12 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012/09/12 18:40:12 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012/09/12 18:40:11 | 000,823,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/09/12 18:40:11 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/09/12 18:40:11 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/09/12 18:40:11 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012/09/12 18:40:10 | 003,844,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/09/12 18:40:10 | 002,649,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/09/12 18:40:10 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/09/12 18:40:10 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/09/12 18:40:09 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/09/12 18:40:09 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/09/12 18:40:09 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/09/12 18:40:09 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/09/12 18:40:09 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/09/12 18:40:09 | 000,100,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012/09/12 18:40:09 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/09/12 18:40:08 | 002,765,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012/09/12 18:40:07 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012/09/12 18:40:07 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012/09/12 18:40:07 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012/09/12 18:40:07 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012/09/12 18:40:07 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012/09/12 18:40:07 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012/09/12 18:40:06 | 005,996,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012/09/12 18:40:06 | 001,247,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2012/09/12 18:40:05 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/09/12 18:40:05 | 000,958,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012/09/12 18:40:05 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012/09/12 18:40:05 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/09/12 18:40:04 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012/09/12 18:40:01 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/09/12 18:40:01 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012/09/12 18:40:01 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012/09/12 18:40:01 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012/09/12 18:40:01 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012/09/12 18:40:01 | 000,527,872 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012/09/12 18:40:01 | 000,515,584 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012/09/12 18:40:01 | 000,439,808 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012/09/12 18:40:00 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012/09/12 18:40:00 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012/09/12 18:40:00 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012/09/12 18:40:00 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012/09/12 18:40:00 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012/09/12 18:40:00 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012/09/12 18:40:00 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012/09/12 18:40:00 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012/09/12 18:39:59 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/09/12 18:39:59 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/09/12 18:39:59 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012/09/12 18:39:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/09/12 18:39:58 | 001,698,408 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012/09/12 18:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/09/12 18:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/09/12 18:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/09/12 18:39:43 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/09/12 18:39:42 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/09/12 18:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/09/12 18:39:37 | 000,000,000 | ---D | C] -- C:\Intel
[2012/09/12 18:39:36 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/09/12 18:39:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/09/12 18:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/09/12 18:39:24 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\InstallShield
[2012/09/12 18:34:14 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/09/12 18:34:14 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Searches
[2012/09/12 18:34:14 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/09/12 18:34:14 | 000,000,000 | -H-D | C] -- C:\Users\Will Reed-Green Clea\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/09/12 18:34:08 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Contacts
[2012/09/12 18:34:08 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Identities
[2012/09/12 18:34:07 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\VirtualStore
[2012/09/12 18:34:06 | 000,000,000 | --SD | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Videos
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Saved Games
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Pictures
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Music
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Links
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Favorites
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Downloads
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Documents
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\Desktop
[2012/09/12 18:34:06 | 000,000,000 | R--D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Temporary Internet Files
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\Templates
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\Start Menu
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\SendTo
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\Recent
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\PrintHood
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\NetHood
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\Documents\My Videos
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\Documents\My Pictures
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\Documents\My Music
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\My Documents
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\Local Settings
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\History
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\Cookies
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\Application Data
[2012/09/12 18:34:06 | 000,000,000 | -HSD | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Application Data
[2012/09/12 18:34:06 | 000,000,000 | -H-D | C] -- C:\Users\Will Reed-Green Clea\AppData
[2012/09/12 18:34:06 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Temp
[2012/09/12 18:34:06 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Microsoft
[2012/09/12 18:34:06 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Media Center Programs
[2012/09/12 18:34:04 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012/09/12 18:34:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/09/12 18:16:29 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/09/12 18:16:23 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/30 10:20:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Will Reed-Green Clea\Desktop\OTL.exe
[2012/09/30 10:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/30 09:49:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/30 02:49:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/29 08:30:03 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/29 08:30:03 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/29 08:28:54 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/29 08:28:54 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/29 08:28:54 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/29 08:22:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/29 08:22:54 | 4254,871,550 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/26 11:50:23 | 000,002,374 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/09/26 11:50:23 | 000,002,273 | ---- | M] () -- C:\Users\Will Reed-Green Clea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/26 10:52:47 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2012/09/26 10:52:32 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012/09/22 15:34:03 | 000,142,002 | ---- | M] () -- C:\Users\Will Reed-Green Clea\Desktop\haterafrican.jpg
[2012/09/20 07:57:51 | 000,341,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/16 12:57:54 | 000,444,301 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/14 01:34:34 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/09/14 01:34:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/09/13 13:53:40 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/13 13:53:40 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/13 10:39:20 | 000,000,538 | ---- | M] () -- C:\Windows\wininit.ini
[2012/09/13 10:11:34 | 000,001,282 | ---- | M] () -- C:\Users\Will Reed-Green Clea\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/09/13 10:11:34 | 000,001,258 | ---- | M] () -- C:\Users\Will Reed-Green Clea\Desktop\Spybot - Search & Destroy.lnk
[2012/09/13 09:19:49 | 000,384,844 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Local\funmoods-speeddial.crx
[2012/09/13 09:19:49 | 000,031,465 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Local\funmoods.crx
[2012/09/12 21:28:44 | 000,002,054 | ---- | M] () -- C:\Users\Public\Desktop\Canon MX860 series User Registration.LNK
[2012/09/12 21:28:26 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012/09/12 21:28:18 | 000,000,978 | ---- | M] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012/09/12 21:27:57 | 000,002,095 | ---- | M] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 2.1.lnk
[2012/09/12 21:27:38 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
[2012/09/12 21:27:30 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\My Printer.lnk
[2012/09/12 21:27:17 | 000,002,354 | ---- | M] () -- C:\Users\Public\Desktop\Canon MX860 series On-screen Manual.lnk
[2012/09/12 21:14:52 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/12 20:16:08 | 000,000,706 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/09/12 20:07:40 | 000,001,568 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/12 19:41:45 | 000,000,795 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/09/12 19:23:23 | 000,001,437 | ---- | M] () -- C:\Users\Will Reed-Green Clea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/12 19:10:11 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/09/12 19:10:11 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/09/12 19:10:11 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/09/12 19:10:11 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/09/12 19:10:11 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/09/12 19:10:11 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/09/12 19:10:11 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/09/12 19:10:11 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/09/12 19:10:11 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/09/12 19:10:11 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/09/12 19:10:11 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/09/12 19:10:11 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/09/12 19:10:11 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/09/12 19:10:11 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/09/12 19:10:11 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/09/12 19:10:11 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/09/12 19:10:11 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/09/12 19:10:11 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/09/12 19:10:11 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/09/12 19:10:11 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/09/12 19:10:11 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/09/12 19:10:11 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/09/12 19:10:11 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/09/12 19:10:11 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/09/12 19:10:11 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/09/12 19:10:11 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/09/12 19:10:11 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/09/12 19:10:11 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/09/12 19:10:11 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/09/12 19:10:11 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/09/12 19:10:11 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/09/12 19:10:11 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/09/12 19:10:11 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/09/12 19:10:11 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/09/12 19:10:11 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/09/12 19:10:11 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/09/12 19:10:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/09/12 19:10:11 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/09/12 19:10:11 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/09/12 19:10:11 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/09/12 19:10:11 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/09/12 19:10:11 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/09/12 19:10:11 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/09/12 19:10:11 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/09/12 19:10:11 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/09/12 19:10:11 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/09/12 19:10:11 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/09/12 19:10:11 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/09/12 19:10:11 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/09/12 19:10:11 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/09/12 19:10:11 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/09/12 19:10:11 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/09/12 19:10:11 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/09/12 19:10:11 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/09/12 19:10:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/09/12 19:10:11 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/09/12 19:10:11 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/09/12 19:10:11 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/09/12 19:10:11 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/09/12 19:02:22 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012/09/12 18:48:23 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\ET6.lnk
[2012/09/12 18:42:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ViaHub3_01009.Wdf
[2012/09/12 18:42:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xhcdrv_01009.Wdf
[2012/09/12 18:42:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/09/12 18:38:30 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2012/09/12 18:17:54 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/09/12 18:17:54 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/09/12 18:16:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/09/07 11:07:30 | 000,101,688 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/22 15:34:02 | 000,142,002 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Desktop\haterafrican.jpg
[2012/09/14 01:38:56 | 000,002,374 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/09/14 01:38:56 | 000,002,273 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/14 01:34:36 | 000,000,926 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/14 01:34:36 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/14 01:34:34 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/09/14 01:34:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/09/13 21:51:49 | 001,457,599 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Price_Headley_Favorite_Tech_Indicators_March2009.pdf
[2012/09/13 21:51:49 | 000,939,999 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\psychoheadlines2.pdf
[2012/09/13 21:51:49 | 000,240,585 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\rage workout.pdf
[2012/09/13 21:51:49 | 000,147,619 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\reed auto.pdf
[2012/09/13 21:51:49 | 000,120,685 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\P90X workout sheets2.pdf
[2012/09/13 21:51:49 | 000,119,414 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\P90X workout sheets.pdf
[2012/09/13 21:51:49 | 000,027,625 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Personality profile.odt
[2012/09/13 21:51:49 | 000,024,351 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Personals email.odt
[2012/09/13 21:51:49 | 000,008,301 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Resume Stock Analyst.rsm
[2012/09/13 21:51:49 | 000,007,034 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Registry Mechanic invoice.pdf
[2012/09/13 21:51:49 | 000,005,814 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Resume4.rsm
[2012/09/13 21:51:49 | 000,003,455 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Resume Stock Analyst.rtf
[2012/09/13 21:51:48 | 003,979,675 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\ultimate-tech-analysis-handbook.pdf
[2012/09/13 21:51:48 | 003,029,869 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Neil_Strauss_-_The_Game_-_Penetrating_the_Secret_of_Pickup_Artists.pdf
[2012/09/13 21:51:48 | 001,744,016 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\IronCondorPrimer.pdf
[2012/09/13 21:51:48 | 001,359,166 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Understanding_Option_Greeks_Peter_Lusk_feb2009.pdf
[2012/09/13 21:51:48 | 000,538,109 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\MediaReport.pdf
[2012/09/13 21:51:48 | 000,462,365 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\WhattoNeverEatAfterYourWorkout.pdf
[2012/09/13 21:51:48 | 000,348,409 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Accoun positions screen shot.jpg
[2012/09/13 21:51:48 | 000,289,185 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\five_pro_trading_rules.pdf
[2012/09/13 21:51:48 | 000,194,560 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\GCCM label.zdl
[2012/09/13 21:51:48 | 000,148,556 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\EVEMon_Settings_3115.xml.bak
[2012/09/13 21:51:48 | 000,148,548 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\EVEMon_Settings_3097.xml.bak
[2012/09/13 21:51:48 | 000,148,169 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\EVEMon_Settings_2761.xml.bak
[2012/09/13 21:51:48 | 000,099,144 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\EVEMon_Settings_2418.xml.bak
[2012/09/13 21:51:48 | 000,089,042 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\EVEMon_Settings_2391.xml.bak
[2012/09/13 21:51:48 | 000,084,675 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\EVEMon_Settings_2523.xml.bak
[2012/09/13 21:51:48 | 000,059,717 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Discovery Sheet.pdf
[2012/09/13 21:51:48 | 000,035,065 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Cover Letter IS job.rtf
[2012/09/13 21:51:48 | 000,034,715 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Cover Letter Stock job.rtf
[2012/09/13 21:51:48 | 000,029,291 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Google trade.odt
[2012/09/13 21:51:48 | 000,027,946 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\glycemicindexfoods.pdf
[2012/09/13 21:51:48 | 000,010,312 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Hard bodies.odt
[2012/09/13 21:51:48 | 000,002,982 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Merchandiser resume.rtf
[2012/09/13 21:51:48 | 000,002,829 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\account_positions_05-09-2011.csv
[2012/09/13 21:51:48 | 000,002,379 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\MumbleAutomaticCertificateBackup.p12
[2012/09/13 21:51:47 | 002,049,135 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\TGR-Napoleon Hill.pdf
[2012/09/13 21:51:47 | 000,102,567 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\trader's quiz answers.pdf
[2012/09/13 21:51:47 | 000,086,511 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Trader's quiz.pdf
[2012/09/13 21:51:47 | 000,001,772 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Tech resume.rtf
[2012/09/13 21:51:46 | 041,913,947 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\stocktradingsecretrevealed.rtf
[2012/09/13 21:51:46 | 001,009,094 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\SEO Techniques.pdf
[2012/09/13 21:51:46 | 000,230,941 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Documents\Stock terms.pdf
[2012/09/13 10:39:20 | 000,000,538 | ---- | C] () -- C:\Windows\wininit.ini
[2012/09/13 10:11:34 | 000,001,282 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/09/13 10:11:34 | 000,001,258 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Desktop\Spybot - Search & Destroy.lnk
[2012/09/13 09:23:01 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2012/09/13 09:19:49 | 000,384,844 | ---- | C] () -- C:\Users\Will Reed-Green Clea\AppData\Local\funmoods-speeddial.crx
[2012/09/13 09:19:49 | 000,031,465 | ---- | C] () -- C:\Users\Will Reed-Green Clea\AppData\Local\funmoods.crx
[2012/09/12 21:28:44 | 000,002,054 | ---- | C] () -- C:\Users\Public\Desktop\Canon MX860 series User Registration.LNK
[2012/09/12 21:28:26 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012/09/12 21:28:18 | 000,000,978 | ---- | C] () -- C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
[2012/09/12 21:27:57 | 000,002,095 | ---- | C] () -- C:\Users\Public\Desktop\Canon MP Navigator EX 2.1.lnk
[2012/09/12 21:27:38 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
[2012/09/12 21:27:30 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\My Printer.lnk
[2012/09/12 21:27:17 | 000,002,354 | ---- | C] () -- C:\Users\Public\Desktop\Canon MX860 series On-screen Manual.lnk
[2012/09/12 21:26:32 | 000,117,850 | ---- | C] () -- C:\Windows\SysNative\Cnmnput.chm
[2012/09/12 21:24:58 | 000,014,592 | ---- | C] () -- C:\Windows\SysNative\CNC1735D.TBL
[2012/09/12 21:14:52 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/12 21:14:52 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/12 20:16:08 | 000,000,706 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/09/12 20:07:40 | 000,001,568 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/12 20:07:27 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/09/12 19:57:27 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/12 19:41:45 | 000,000,795 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/09/12 19:41:45 | 000,000,795 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/09/12 19:10:11 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/09/12 19:10:11 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/09/12 19:02:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/09/12 18:57:52 | 000,001,437 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/12 18:55:51 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012/09/12 18:48:23 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\ET6.lnk
[2012/09/12 18:43:12 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2012/09/12 18:43:12 | 000,021,616 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2012/09/12 18:42:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ViaHub3_01009.Wdf
[2012/09/12 18:42:36 | 000,008,227 | R--- | C] () -- C:\Windows\SysNative\drivers\viahub3.cat
[2012/09/12 18:42:36 | 000,008,003 | R--- | C] () -- C:\Windows\SysNative\drivers\xhcdrv.cat
[2012/09/12 18:42:36 | 000,004,508 | R--- | C] () -- C:\Windows\SysNative\drivers\xhcdrv.inf
[2012/09/12 18:42:36 | 000,003,977 | R--- | C] () -- C:\Windows\SysNative\drivers\ViaHub3.inf
[2012/09/12 18:42:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xhcdrv_01009.Wdf
[2012/09/12 18:42:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/09/12 18:41:10 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012/09/12 18:40:09 | 000,215,644 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012/09/12 18:39:54 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/09/12 18:38:30 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012/09/12 18:34:40 | 000,001,409 | ---- | C] () -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/09/12 18:34:39 | 000,001,443 | ---- | C] () -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/09/12 18:34:06 | 000,000,290 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/09/12 18:34:06 | 000,000,272 | ---- | C] () -- C:\Users\Will Reed-Green Clea\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/09/12 18:17:49 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/09/12 18:17:48 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/09/12 18:16:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/09/12 18:16:23 | 4254,871,550 | -HS- | C] () -- C:\hiberfil.sys
[2012/07/27 19:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/07/27 19:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/12/08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/09/12 16:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
Will Reed

Re: lb.adnxs.com

Post by nunped » October 2nd, 2012, 10:38 am

Hi Will Reed, :)

Did you run the OTL fix as instructed or just a scan?
If you did, please post the respective log, which you can find in the OTL folder (c:\_OTL).
If you didn't, please don't do it now.

Either way, follow these instructions

Step 1 - Disable Teatimer
  • Launch Spybot S&D, go to the Mode menu and make sure "Advanced Mode" is selected.
  • On the left hand side, click on Tools, then click on the Resident Icon in the list.
  • Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
  • Click on the "System Startup" icon in the List
  • Uncheck the "TeaTimer" box and "OK" any prompts.
  • If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
  • Exit Spybot S&D when done and reboot your computer.
    (When we are done, you can re-enable Teatimer using the same steps, but this time place a check next to "Resident TeaTimer" and check the "TeaTimer" box in System Startup.)

Step 2 - Fix with OTL
In this fix, we will reset your "Hosts File", installed by Spybot, as it may have been hijacked by the infection. To reinstall it, we will have to use the "Immunize" function of Spybot, after the clean-up.
  • Right click OTL.exe and choose "run as administrator" to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code:
:commands
[createrestorepoint]

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=adknlg ... 1509737446
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDtBtAtC0C0CyDzyyDtCtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1509737446
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=adknlg ... 1509737446
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDtBtAtC0C0CyDzyyDtCtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1509737446
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {c111c814-fd58-0a04-3924-998b53830e29} - C:\Program Files (x86)\Shop to Win 29\Helper.dll ()
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDtBtAtC0C0CyDzyyDtCtN0D0Tzu0CtByDyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1509737446
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=384&systemid=406&sr=0&q="
[2012/09/13 09:19:52 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\plugin@vfd.com
[2012/09/13 11:13:00 | 000,001,982 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\searchplugins\search-here.xml
[2012/09/13 09:23:12 | 000,002,343 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\searchplugins\Search.xml
[2012/09/13 18:20:07 | 000,002,519 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\searchplugins\Search_Results.xml
O2 - BHO: (Shop to Win) - {5ABD6C72-FFD7-B634-A92B-D77D5960E009} - C:\Program Files (x86)\Shop to Win 29\Shop to Win 29.dll (Shop To Win, LLC)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll File not found
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar" File not found
O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar" File not found
[2012/09/17 15:00:57 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Local\Ilivid Player
[2012/09/13 18:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Searchqu Toolbar
[2012/09/13 18:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/09/13 09:20:48 | 000,000,000 | ---D | C] -- C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 29
[2012/09/13 09:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shop to Win 29
[2012/09/13 09:19:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OApps
[2012/09/13 09:19:49 | 000,384,844 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Local\funmoods-speeddial.crx
[2012/09/13 09:19:49 | 000,031,465 | ---- | M] () -- C:\Users\Will Reed-Green Clea\AppData\Local\funmoods.crx

:Files
C:\Users\Will Reed-Green Clea\AppData\Local\Temp\searchqutoolbar-manifest.xml
C:\Users\Will Reed-Green Clea\AppData\LocalLow\searchquband
C:\Users\Will Reed-Green Clea\AppData\Local\Ilivid Player
C:\Users\Will Reed-Green Clea\AppData\LocalLow\DataMngr

:Reg
[-HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS]
[-HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\AppDataLow\Software\searchqutoolbar]
[-HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\iLivid]
[-HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files (x86)\iLivid]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetupV1.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASMANCS]
[-HKEY_CURRENT_USER\Software\Datamngr]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASMANCS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS]
[-HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Datamngr]
[-HKEY_CURRENT_USER\Software\Trolltech]
[-HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Trolltech]

:Commands
[emptytemp]
[resethosts]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished, a box will open asking you to open the fix log; click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer or request that you do so; if it does, re-boot your computer. A log will be produced upon re-boot.


Step 3 - Scan with SystemLook
  • Right click SystemLook.exe and select "run as administrator" to run it.
  • Copy and paste the content of the following codebox into the main textfield:
    Code:
    :filefind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    *eoengine*
    *eobho*
    *EoRezo*
    
    :folderfind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    
    :Regfind
    Fun4IM
    Bandoo
    Searchnu
    Searchqu
    iLivid
    whitesmoke
    datamngr
    kelkoopartners
    trolltech
    AFBB7970-789A-4264-BA70-E8127DECE400
    18AF7201-4F14-4BCF-93FE-45617CF259FF
    DF76E9B7-35EC-46FC-AF56-5B79DED9D64F
    C10DC1F4-CCDF-4224-A24D-B23AFC3573C8
    EoRezo
    eobho
    ieobho
    eoengine
    
  • Click the Look button to start the scan.
    The scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

In your next post:
  • OTL log
  • Systemlook log
  • Please, tell me how your computer is running
nunped

Re: lb.adnxs.com

Post by Will Reed » October 4th, 2012, 11:59 am

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c111c814-fd58-0a04-3924-998b53830e29} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c111c814-fd58-0a04-3924-998b53830e29}\ deleted successfully.
C:\Program Files (x86)\Shop to Win 29\Helper.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Prefs.js: "Search Results" removed from browser.search.defaultenginename
Prefs.js: "Search Results" removed from browser.search.order.1
Prefs.js: "http://dts.search-results.com/sr?src=ffb&appid=384&systemid=406&sr=0&q=" removed from keyword.URL
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\plugin@vfd.com\skin folder moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\plugin@vfd.com\locale\en-US folder moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\plugin@vfd.com\locale folder moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\plugin@vfd.com\defaults\preferences folder moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\plugin@vfd.com\defaults folder moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\plugin@vfd.com\content folder moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\extensions\plugin@vfd.com folder moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\searchplugins\search-here.xml moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\searchplugins\Search.xml moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Mozilla\Firefox\Profiles\8hpfyfg2.default\searchplugins\Search_Results.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ABD6C72-FFD7-B634-A92B-D77D5960E009}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ABD6C72-FFD7-B634-A92B-D77D5960E009}\ deleted successfully.
C:\Program Files (x86)\Shop to Win 29\Shop to Win 29.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removeSearchqudatamngr not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removeSearchqutoolbar not found.
C:\Users\Will Reed-Green Clea\AppData\Local\Ilivid Player folder moved successfully.
Folder C:\Program Files (x86)\Searchqu Toolbar\ not found.
C:\ProgramData\boost_interprocess\BAA7FCA7CE91CD01 folder moved successfully.
C:\ProgramData\boost_interprocess folder moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shop to Win 29 folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\util folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\weatherplugin\proppage folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\weatherplugin folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\searchcomponent folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\rssreader\proppage\images folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\rssreader\proppage folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\rssreader folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\radioplugin\proppage\widgets folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\radioplugin\proppage\images folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\radioplugin\proppage folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\radioplugin\js folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\radioplugin\images folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\radioplugin\css folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\radioplugin folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\msgboxplugin folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\emailchecker\proppage\widgets folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\emailchecker\proppage folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\emailchecker folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\common\proppage folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\common folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\bookmarksplugin\proppage\images folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\bookmarksplugin\proppage folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res\bookmarksplugin folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components\res folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\js_components folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\images\weather\png folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\images\weather folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\images\ticker folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\images\msgbox folder moved successfully.
C:\Program Files (x86)\Shop to Win 29\images folder moved successfully.
C:\Program Files (x86)\Shop to Win 29 folder moved successfully.
C:\Program Files (x86)\OApps folder moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Local\funmoods-speeddial.crx moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Local\funmoods.crx moved successfully.
========== FILES ==========
C:\Users\Will Reed-Green Clea\AppData\Local\Temp\searchqutoolbar-manifest.xml moved successfully.
C:\Users\Will Reed-Green Clea\AppData\LocalLow\searchquband folder moved successfully.
File\Folder C:\Users\Will Reed-Green Clea\AppData\Local\Ilivid Player not found.
C:\Users\Will Reed-Green Clea\AppData\LocalLow\DataMngr folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\AppDataLow\Software\searchqutoolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\iLivid\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files (x86)\iLivid\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetupV1.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASMANCS\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Datamngr\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS\ not found.
Registry key HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Datamngr\ not found.
Registry key HKEY_CURRENT_USER\Software\Trolltech\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2752796887-2193035373-751783091-1000\Software\Trolltech\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 134 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Will Reed-Green Clea
->Temp folder emptied: 114507064 bytes
->Temporary Internet Files folder emptied: 411486010 bytes
->FireFox cache emptied: 478843667 bytes
->Flash cache emptied: 95346 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1714572 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 124635249 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 40835243 bytes

Total Files Cleaned = 1,118.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 10042012_095512

Files\Folders moved on Reboot...
C:\Users\Will Reed-Green Clea\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Will Reed-Green Clea\AppData\Local\Mozilla\Firefox\Profiles\8hpfyfg2.default\urlclassifier3.sqlite moved successfully.
File\Folder C:\Windows\temp\_avast_\unp147389641.tmp not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Will Reed
Active Member
 
Posts: 10
Joined: September 20th, 2012, 10:47 pm

Re: lb.adnxs.com

by Will Reed » October 4th, 2012, 3:58 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 09:59 on 04/10/2012 by Will Reed-Green Clea
Administrator - Elevation successful

========== filefind ==========

Searching for "*Fun4IM*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*Searchqu*"
C:\_OTL\MovedFiles\10042012_095512\C_Users\Will Reed-Green Clea\AppData\Local\Temp\searchqutoolbar-manifest.xml --a---- 9422 bytes [08:42 27/02/2012] [08:42 27/02/2012] B4CF632013D5A08B137DB737D2825F12

Searching for "*iLivid*"
No files found.

Searching for "*whitesmoke*"
No files found.

Searching for "*datamngr*"
No files found.

Searching for "*trolltech*"
No files found.

Searching for "*eoengine*"
No files found.

Searching for "*eobho*"
No files found.

Searching for "*EoRezo*"
No files found.

========== folderfind ==========

Searching for "*Fun4IM*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Searchqu*"
C:\_OTL\MovedFiles\10042012_095512\C_Users\Will Reed-Green Clea\AppData\LocalLow\searchquband d------ [07:07 14/09/2012]

Searching for "*iLivid*"
C:\_OTL\MovedFiles\10042012_095512\C_Users\Will Reed-Green Clea\AppData\Local\Ilivid Player d------ [21:00 17/09/2012]

Searching for "*whitesmoke*"
No folders found.

Searching for "*datamngr*"
C:\_OTL\MovedFiles\10042012_095512\C_Users\Will Reed-Green Clea\AppData\LocalLow\DataMngr d------ [07:07 14/09/2012]

Searching for "*trolltech*"
No folders found.

========== Regfind ==========

Searching for "Fun4IM"
No data found.

Searching for "Bandoo"
No data found.

Searching for "Searchnu"
No data found.

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"

Searching for "iLivid"
No data found.

Searching for "whitesmoke"
No data found.

Searching for "datamngr"
[HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr]

Searching for "kelkoopartners"
No data found.

Searching for "trolltech"
No data found.

Searching for "AFBB7970-789A-4264-BA70-E8127DECE400"
No data found.

Searching for "18AF7201-4F14-4BCF-93FE-45617CF259FF"
No data found.

Searching for "DF76E9B7-35EC-46FC-AF56-5B79DED9D64F"
No data found.

Searching for "C10DC1F4-CCDF-4224-A24D-B23AFC3573C8"
No data found.

Searching for "EoRezo"
No data found.

Searching for "eobho"
No data found.

Searching for "ieobho"
No data found.

Searching for "eoengine"
No data found.

-= EOF =-

Re: lb.adnxs.com

by Will Reed » October 4th, 2012, 3:59 pm

The computer runs fine. It only suffers from having constant pop ups.

Re: lb.adnxs.com

by Jack&Jill » October 5th, 2012, 7:38 pm

Hello Will :-) ,

nunped will be away for a while, so I am going to step in for him.

Can you see any difference after the OTL fix? Please describe the pop ups. Does this occur in all browsers or specific ones only like Firefox?

Please run a new scan with OTL and post back the logs.
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia