Jump to content

maneck35

Members
 View Profile  See their activity

  • Posts

    20

  • Joined

  • Last visited

Reputation

0 Neutral
  1. maneck35
    Btw I do use MSE and CCleaner and these are my recommendations for anyone setting up Windows, but I guess MSE missed the boat with this cheeky one.
  2. maneck35
    Thanks a lot for your help, I'll keep you posted - I think adwcleaner did the trick!
  3. maneck35
    <p>ESET Scan Results:</p> <br /> <br /> <div>C:\Users\maneck\AppData\Local\Temp\nss1938.tmp\OCSetupHlp.dll<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/OpenCandy application</div> <div>C:\Users\maneck\Dropbox\Diana Maneck\Office 2010 Activation and Conversion Kit 1.6 - JRB007.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/HackKMS.A application</div> <div>C:\Windows\KMSAct.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/HackKMS.A application</div> <div>D:\Documents\Virtual Machines\OS X 10.8.2\VMware Unlocker - Hardware Virtualization Bypasser\vmware-vmx-patch.exe<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/Tool.TPE.A application</div> <div>F:\Gadgets\5800\FW and Flashing Applications\Nokia Flashing Tool - Phoenix Service Software 2010.38.005.44210\Phoenix Service Software 2010.38.005.44210.exe<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/HackTool.Patcher.T application</div> <div>F:\Laptop\Install Files\Allmyapps.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/OpenCandy application</div> <div>F:\Laptop\Install Files\aTube_Catcher.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/OpenCandy application</div> <div>F:\Laptop\Install Files\aTube_Catcher_Setup.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/OpenCandy application</div> <div>F:\Laptop\Install Files\avc-free.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/OpenCandy application</div> <div>F:\Laptop\Install Files\DTLite4461-0327.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/OpenCandy application</div> <div>F:\Laptop\Install Files\FreemakeVideoConverterSetup.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/OpenCandy application</div> <div>F:\Laptop\Install Files\Setup-MsgPlus-550.exe<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/MessengerPlus.A application</div> <div>F:\Laptop\Install Files\STProxySwitcher_Setup.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/InstallMonetizer.AF application</div> <div>F:\Laptop\Install Files\MS Office 2010\Office 2010 Activation and Conversion Kit 1.6 - JRB007.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/HackKMS.A application</div> <div>F:\Laptop\Install Files\Tonec.Inc.Internet.Download.Manager.v6.12.18.Incl.Keygen.and.Patch-BRD\Keygen\Keygen.exe<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/Keygen.AS application</div> <div>F:\Laptop\Install Files\Tonec.Inc.Internet.Download.Manager.v6.12.18.Incl.Keygen.and.Patch-BRD\Keygen\Patch.exe<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/HackTool.Patcher.T application</div> <div>F:\Laptop\Install Files\VMware Workstation v9.0.1 Incl. Keymaker\embrace_keygen\keygen.exe<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/Keygen.BN application</div> <div> </div> <div>As far as I know, these applications haven't caused this problem since I've had each of them since a long time.</div>
  4. maneck35
    As I said in my earlier post, no popups yet
  5. maneck35
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:01:41 PM, on 17/12/2012 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16453) Boot mode: Normal Running processes: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Users\maneck\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files (x86)\Internet Download Manager\IDMan.exe C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe C:\Users\maneck\AppData\Local\Programs\Google\MusicManager\MusicManager.exe C:\Program Files (x86)\uTorrent 2.2.1\uTorrent.exe C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe C:\Users\maneck\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Windows\SysWOW64\RunDll32.exe C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\EventGhost\EventGhost.exe C:\Program Files (x86)\KatMouse\KatMouse.exe C:\Program Files (x86)\Launchy\Launchy.exe C:\Program Files (x86)\Trillian\trillian.exe c:\program files (x86)\trillian\plugins\skypekit.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Users\maneck\Desktop\HijackThis.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [skyDrive] "C:\Users\maneck\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [MusicManager] "C:\Users\maneck\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent 2.2.1\uTorrent.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - Startup: Dropbox.lnk = maneck\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: EventGhost.lnk = C:\Program Files (x86)\EventGhost\EventGhost.exe O4 - Startup: Fences.lnk = C:\Program Files (x86)\Stardock\Fences\Fences.exe O4 - Startup: KatMouse.lnk = C:\Program Files (x86)\KatMouse\KatMouse.exe O4 - Startup: Launchy.lnk = C:\Program Files (x86)\Launchy\Launchy.exe O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe O4 - Global Startup: Scrybe.lnk = ? O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{BFD83471-3C84-4B46-8A52-C426AB2FC6B6}: NameServer = 8.8.4.4,8.8.8.8 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @oem5.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing) O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - C:\Program Files\MozyHome\mozybackup.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Scrybe Updater (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14927 bytes
  6. maneck35
    Malwarebytes Anti-Malware (Trial) 1.65.1.1000 www.malwarebytes.org Database version: v2012.12.17.03 Windows 7 x64 NTFS Internet Explorer 9.10.9200.16453 maneck :: MANECK-AW [administrator] Protection: Disabled 17/12/2012 11:45:55 AM mbam-log-2012-12-17 (11-45-55).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 242929 Time elapsed: 5 minute(s), 31 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  7. maneck35
    I downloaded and ran adwcleaner once again. I didn't run Roguekiller. I have yet to experience a popup. I've run ccleaner and am performing the MBAM quick scan right now. Will post the results shortly.
  8. maneck35
    Similar topic that brought me to this forum: http://forums.malwarebytes.org/index.php?showtopic=119031
  9. maneck35
    That didn't help. The popup still remains.
  10. maneck35
    Just finished restarting and reinstalling Chrome. I think the popup is with any browser that's set as the default browser.
  11. maneck35
    Sure, I'll do that. The popup is back btw.
  12. maneck35
    Yes I'm finally in, but all the changes have been rolled back by System Restore I'm presuming. I'll wait to see if the popup comes back.
  13. maneck35
    Just to be clear, the script ran and I rebooted. Upon rebooting, when asked for the login password, it failed to accept my password. I used the forgot password option and changed it, yet it failed to recognize the new password as well.
  14. maneck35
    I really don't know what you made me run, but I was locked out of my computer..I couldn't login to my computer and it just wouldn't accept my password. I've had to perform a system restore to 14th December. Let's see how that goes now. Hopefully I can access my OS.
  15. maneck35
    OTL logfile created on: 16/12/2012 10:22:04 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\maneck\Desktop 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16453) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 7.99 Gb Total Physical Memory | 5.10 Gb Available Physical Memory | 63.86% Memory free 11.99 Gb Paging File | 8.49 Gb Available in Paging File | 70.85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 240.78 Gb Total Space | 56.95 Gb Free Space | 23.65% Space Free | Partition Type: NTFS Drive D: | 224.64 Gb Total Space | 142.15 Gb Free Space | 63.28% Space Free | Partition Type: NTFS Drive F: | 1397.26 Gb Total Space | 200.76 Gb Free Space | 14.37% Space Free | Partition Type: NTFS Computer Name: MANECK-AW | User Name: maneck | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\maneck\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems) PRC - C:\Program Files (x86)\EventGhost\EventGhost.exe (EventGhost Project) PRC - C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.) PRC - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software) PRC - C:\Users\maneck\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) PRC - C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe (Binary Fortress Software) PRC - C:\Program Files (x86)\uTorrent 2.2.1\uTorrent.exe (BitTorrent, Inc.) PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe () PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) PRC - C:\Users\maneck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.) PRC - c:\Program Files (x86)\Trillian\plugins\skypekit.exe () PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.) PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe (Splashtop Inc.) PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe (Splashtop Inc.) PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) PRC - C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe (Synaptics Incorporated) PRC - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.) PRC - C:\Program Files (x86)\Launchy\Launchy.exe () PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.) PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.) PRC - C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios) PRC - C:\Program Files (x86)\KatMouse\KatMouse.exe () ========== Modules (No Company Name) ========== MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32api.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\_elementtree.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\_socket.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\windows._cacheinvalidation.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\wx._gdi_.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\wx._misc_.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\pysqlite2._sqlite.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\pythoncom26.dll () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32com.shell.shell.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32security.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\pywintypes26.dll () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\_ctypes.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\wx._html2.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32ts.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32profile.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32crypt.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\wx._core_.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\wx._windows_.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\_ssl.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\_hashlib.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\wx._wizard.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32file.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32inet.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32process.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32pdh.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\wx._controls_.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\unicodedata.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\pyexpat.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\win32event.pyd () MOD - C:\Users\maneck\AppData\Local\Temp\_MEI41642\select.pyd () MOD - C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll () MOD - C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll () MOD - C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\libglesv2.dll () MOD - C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\libegl.dll () MOD - C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\avutil-51.dll () MOD - C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\avformat-54.dll () MOD - C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll () MOD - C:\Program Files (x86)\EventGhost\lib26\wx._core_.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\wx._controls_.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\wx._gdi_.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\wx._misc_.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\wx._windows_.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\_imaging.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\PIL._imaging.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\Crypto.Cipher.AES.pyd () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\6c34b9c8df4997ebbd2cd0ec01592eb2\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b5fbb0525df9de99970c60a5891939eb\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a2ce5fa5ddc467113d344183228ad23e\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\7a3f4b6e28bff7fc6e201f3444e38d06\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0d4a97f42b4d71125220c04a3a2fee75\mscorlib.ni.dll () MOD - c:\Program Files (x86)\Trillian\plugins\skypekit.exe () MOD - C:\Program Files (x86)\Trillian\libpng15.dll () MOD - C:\Program Files (x86)\Trillian\libungif.dll () MOD - C:\Program Files (x86)\Trillian\zlib1.dll () MOD - c:\Program Files (x86)\Trillian\languages\en\buddy.dll () MOD - c:\Program Files (x86)\Trillian\languages\en\talk.dll () MOD - c:\Program Files (x86)\Trillian\languages\en\trillian.dll () MOD - c:\Program Files (x86)\Trillian\languages\en\events.dll () MOD - c:\Program Files (x86)\Trillian\languages\en\toolkit.dll () MOD - C:\Program Files (x86)\EventGhost\plugins\System\VistaVolEvents.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\wxmsw28uh_html_vc.dll () MOD - C:\Program Files (x86)\EventGhost\lib26\wxmsw28uh_adv_vc.dll () MOD - C:\Program Files (x86)\EventGhost\lib26\wxmsw28uh_core_vc.dll () MOD - C:\Program Files (x86)\EventGhost\lib26\wxbase28uh_net_vc.dll () MOD - C:\Program Files (x86)\EventGhost\lib26\wxbase28uh_vc.dll () MOD - C:\Program Files (x86)\EventGhost\lib26\site-packages\cFunctions.pyd () MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF () MOD - C:\Program Files (x86)\EventGhost\lib26\pywintypes26.dll () MOD - C:\Program Files (x86)\EventGhost\lib26\pythoncom26.dll () MOD - C:\Program Files (x86)\EventGhost\lib26\win32gui.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\win32api.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\win32trace.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\win32process.pyd () MOD - C:\Program Files (x86)\Launchy\plugins\controly.dll () MOD - C:\Program Files (x86)\Launchy\plugins\calcy.dll () MOD - C:\Program Files (x86)\Launchy\plugins\gcalc.dll () MOD - C:\Program Files (x86)\Launchy\Launchy.exe () MOD - C:\Program Files (x86)\Launchy\plugins\runner.dll () MOD - C:\Program Files (x86)\Launchy\plugins\weby.dll () MOD - C:\Program Files (x86)\Launchy\plugins\verby.dll () MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll () MOD - C:\Program Files (x86)\EventGhost\lib26\select.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\_multiprocessing.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\_hashlib.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\pyexpat.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\_ctypes.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\_elementtree.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\_ssl.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\unicodedata.pyd () MOD - C:\Program Files (x86)\EventGhost\lib26\_socket.pyd () MOD - C:\Program Files (x86)\Launchy\imageformats\qmng4.dll () MOD - C:\Program Files (x86)\Launchy\QtGui4.dll () MOD - C:\Program Files (x86)\Launchy\QtNetwork4.dll () MOD - C:\Program Files (x86)\Launchy\QtCore4.dll () MOD - C:\Program Files (x86)\KatMouse\KatMouseH.dll () MOD - C:\Program Files (x86)\KatMouse\KatMouseS.dll () MOD - C:\Program Files (x86)\KatMouse\KatMouse.exe () ========== Services (SafeList) ========== SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (BcmBtRSupport) -- C:\Windows\SysNative\BtwRSupportService.exe (Broadcom Corporation.) SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:64bit: - (AlienFusionService) -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Alienware) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (CronService) -- C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.) SRV - (MsgPlusService) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (VMwareHostd) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe () SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (SSUService) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.) SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (HPSLPSVC) -- C:\Users\maneck\AppData\Local\Temp\7zS00B9\hpslpsvc64.dll (Hewlett-Packard Co.) SRV - (SplashtopRemoteService) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (ScrybeUpdater) -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.) SRV - (InstallFilterService) -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x64\Sandra.sys File not found DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (mozyFilter) -- C:\Windows\SysNative\Drivers\mozy.sys (Mozy, Inc.) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (vmx86) -- C:\Windows\SysNative\Drivers\vmx86.sys (VMware, Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\Drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\Drivers\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\Drivers\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (vmkbd2) -- C:\Windows\SysNative\Drivers\VMkbd.sys (VMware, Inc.) DRV:64bit: - (vsock) -- C:\Windows\SysNative\Drivers\vsock.sys (VMware, Inc.) DRV:64bit: - (vmci) -- C:\Windows\SysNative\Drivers\vmci.sys (VMware, Inc.) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (hcmon) -- C:\Windows\SysNative\Drivers\hcmon.sys (VMware, Inc.) DRV:64bit: - (vmusb) -- C:\Windows\SysNative\Drivers\vmusb.sys (VMware, Inc.) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\Drivers\idmwfp.sys (Tonec Inc.) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\rootmdm.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\Drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation) DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation) DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (msvad_simple) -- C:\Windows\SysNative\Drivers\povrtdev.sys (MediaMall Technologies, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\Drivers\pccsmcfdx64.sys (Nokia) DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\Drivers\nmwcdnsux64.sys (Nokia) DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\Drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\Drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\Drivers\nmwcdnsucx64.sys (Nokia) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\Drivers\usbser_lowerfltjx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\Drivers\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation) DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys (Research In Motion Limited) DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\Drivers\RimSerial_AMD64.sys (Research in Motion Ltd) DRV:64bit: - (itecir) -- C:\Windows\SysNative\Drivers\itecir.sys (ITE Tech. Inc. ) DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\Drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\Drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\Drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\Drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\Drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (Acceler) -- C:\Windows\SysNative\Drivers\Acceler.sys (ST Microelectronics) DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\Drivers\rimmpx64.sys (REDC) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\Drivers\wdcsam64.sys (Western Digital Technologies) DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\Drivers\rimspx64.sys (REDC) DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\Drivers\rixdpx64.sys (REDC) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (stdflt) -- C:\Windows\SysWOW64\drivers\stdflt.sys (ST Microelectronics) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-965696579-3179257427-1811898925-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?rd=1&ucc=GB&dcc=GB&opt=0 IE - HKU\S-1-5-21-965696579-3179257427-1811898925-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB IE - HKU\S-1-5-21-965696579-3179257427-1811898925-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 F6 3B F8 71 85 CD 01 [binary data] IE - HKU\S-1-5-21-965696579-3179257427-1811898925-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-965696579-3179257427-1811898925-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-965696579-3179257427-1811898925-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-965696579-3179257427-1811898925-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;localhost ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3 FF - prefs.js..extensions.enabledAddons: %7Baff87fa2-a58e-4edd-b852-0a20203c1e17%7D:0.9 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\maneck\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\maneck\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2012/12/15 17:40:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/12 12:34:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\maneck\AppData\Roaming\IDM\idmmzcc5 [2012/10/25 12:13:30 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\maneck\AppData\Roaming\IDM\idmmzcc5 [2012/10/25 12:13:30 | 000,000,000 | ---D | M] [2012/08/29 20:05:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maneck\AppData\Roaming\mozilla\Extensions [2012/12/10 11:40:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maneck\AppData\Roaming\mozilla\Firefox\Profiles\wnvz0zm0.default\extensions [2012/10/31 13:50:19 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\maneck\AppData\Roaming\mozilla\firefox\profiles\wnvz0zm0.default\extensions\translator@zoli.bod.xpi [2012/09/30 14:14:11 | 000,042,737 | ---- | M] () (No name found) -- C:\Users\maneck\AppData\Roaming\mozilla\firefox\profiles\wnvz0zm0.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2012/12/10 11:40:28 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\maneck\AppData\Roaming\mozilla\firefox\profiles\wnvz0zm0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012/10/10 12:10:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/12/12 12:34:05 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/10/12 12:14:53 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/10/12 12:14:53 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\maneck\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\maneck\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Users\maneck\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: Google Translate = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\ CHR - Extension: Xmarks Bookmark Sync = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.22_0\ CHR - Extension: Xmarks Bookmark Sync = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.22_0\.bak CHR - Extension: Turn Off the Lights = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.19_0\ CHR - Extension: Turn Off the Lights = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.20_0\ CHR - Extension: WOT = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.12_0\ CHR - Extension: YouTube = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Search by Image (by Google) = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.3.2_0\ CHR - Extension: AdBlock = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\ CHR - Extension: IDM Integration = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.12.25.1_0\ CHR - Extension: Reddit Enhancement Suite = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\ CHR - Extension: Facebook Fast Delete Messages = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\klmpnhheahecaojonebajllddfhpilan\0.3_0\ CHR - Extension: Google Dictionary (by Google) = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\ CHR - Extension: Ghostery = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\ CHR - Extension: F.B. Purity Cleans Up Facebook = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl\8.0.1_0\ CHR - Extension: Hover Zoom = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.8_0\ CHR - Extension: Gmail = C:\Users\maneck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/12/09 12:57:34 | 000,000,853 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.) O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [Fences] C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation) O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe () O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [MessengerPlusForSkypeService] C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software) O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.) O4 - HKU\S-1-5-21-965696579-3179257427-1811898925-1001..\Run: [] File not found O4 - HKU\S-1-5-21-965696579-3179257427-1811898925-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-965696579-3179257427-1811898925-1001..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software) O4 - HKU\S-1-5-21-965696579-3179257427-1811898925-1001..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) O4 - HKU\S-1-5-21-965696579-3179257427-1811898925-1001..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-21-965696579-3179257427-1811898925-1001..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O4 - HKU\S-1-5-21-965696579-3179257427-1811898925-1001..\Run: [skyDrive] C:\Users\maneck\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-965696579-3179257427-1811898925-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent 2.2.1\uTorrent.exe (BitTorrent, Inc.) O4 - Startup: C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\maneck\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk = C:\Program Files (x86)\EventGhost\EventGhost.exe (EventGhost Project) O4 - Startup: C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk = C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation) O4 - Startup: C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KatMouse.lnk = C:\Program Files (x86)\KatMouse\KatMouse.exe () O4 - Startup: C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files (x86)\Launchy\Launchy.exe () O4 - Startup: C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe () O4 - Startup: C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-965696579-3179257427-1811898925-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\wlidnsp.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\wlidnsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8C9CACD-1416-44FE-AD4F-7E09B3F6F86E}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFD83471-3C84-4B46-8A52-C426AB2FC6B6}: NameServer = 8.8.4.4,8.8.8.8 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock) O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/09/14 10:31:34 | 000,001,469 | ---- | M] () - D:\Automate TV Shows.xml -- [ NTFS ] O32 - AutoRun File - [2011/04/14 00:53:59 | 000,000,042 | ---- | M] () - F:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/12/16 22:20:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\maneck\Desktop\OTL.exe [2012/12/16 12:41:56 | 000,000,000 | ---D | C] -- C:\Users\maneck\Desktop\RK_Quarantine [2012/12/16 09:44:51 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\maneck\Desktop\dds.com [2012/12/15 17:52:15 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012/12/15 17:41:09 | 000,000,000 | ---D | C] -- C:\Users\maneck\AppData\Roaming\RoboForm [2012/12/15 17:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm [2012/12/15 17:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm [2012/12/15 17:39:42 | 000,000,000 | ---D | C] -- C:\Users\maneck\Documents\My RoboForm Data [2012/12/15 17:39:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems [2012/12/15 17:13:28 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012/12/15 17:06:31 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll [2012/12/15 17:06:31 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll [2012/12/15 17:06:31 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll [2012/12/15 17:06:30 | 006,971,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012/12/15 17:06:30 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll [2012/12/15 17:06:30 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys [2012/12/15 17:06:29 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll [2012/12/15 17:06:29 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevDispItemProvider.dll [2012/12/15 17:06:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidi2c.sys [2012/12/15 17:06:29 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevDispItemProvider.dll [2012/12/15 17:06:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDKURD.DLL [2012/12/15 17:06:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDKURD.DLL [2012/12/15 17:06:28 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll [2012/12/15 17:06:28 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll [2012/12/15 17:06:28 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll [2012/12/15 17:06:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll [2012/12/15 17:06:28 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll [2012/12/15 17:06:28 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll [2012/12/15 17:06:08 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\glcndFilter.dll [2012/12/15 17:06:07 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll [2012/12/15 17:06:06 | 008,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll [2012/12/15 17:06:06 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\glcndFilter.dll [2012/12/15 17:06:04 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll [2012/12/15 17:06:04 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll [2012/12/15 17:06:04 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012/12/15 17:06:03 | 005,973,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2012/12/15 17:06:03 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2012/12/15 17:06:03 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012/12/15 17:06:02 | 005,087,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2012/12/15 17:06:01 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe [2012/12/15 17:06:01 | 000,490,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll [2012/12/15 17:06:01 | 000,447,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll [2012/12/15 17:06:01 | 000,253,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe [2012/12/15 17:06:00 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2012/12/15 17:06:00 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2012/12/15 17:06:00 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012/12/15 17:06:00 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll [2012/12/15 17:05:59 | 000,549,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll [2012/12/15 17:05:59 | 000,194,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys [2012/12/15 17:05:59 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys [2012/12/15 17:05:58 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.Connectivity.dll [2012/12/15 17:05:57 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll [2012/12/15 17:05:57 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll [2012/12/15 17:05:57 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll [2012/12/15 17:05:57 | 000,445,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS [2012/12/15 17:05:57 | 000,124,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys [2012/12/15 17:05:57 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dafWCN.dll [2012/12/15 17:05:56 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012/12/15 17:05:56 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll [2012/12/15 17:05:56 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll [2012/12/15 17:05:56 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll [2012/12/15 17:05:56 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl [2012/12/15 17:05:56 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll [2012/12/15 17:05:56 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl [2012/12/15 17:05:56 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFCaptureEngine.dll [2012/12/15 17:05:56 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012/12/15 17:05:55 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll [2012/12/15 17:05:55 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll [2012/12/15 17:05:55 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2012/12/15 17:05:55 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe [2012/12/15 17:05:55 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2012/12/15 17:05:55 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll [2012/12/15 17:05:55 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll [2012/12/15 17:05:55 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2012/12/15 17:05:55 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012/12/15 17:05:55 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFCaptureEngine.dll [2012/12/15 17:05:55 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2012/12/15 17:05:55 | 000,096,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys [2012/12/15 17:05:54 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll [2012/12/15 17:05:54 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe [2012/12/15 17:05:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll [2012/12/15 17:05:54 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012/12/15 17:05:54 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2012/12/15 17:05:53 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll [2012/12/15 17:05:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2012/12/15 17:05:52 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL [2012/12/15 17:05:52 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL [2012/12/15 17:05:52 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll [2012/12/15 17:05:52 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012/12/15 17:05:51 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2012/12/15 17:05:51 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2012/12/15 17:05:51 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhostex.exe [2012/12/15 17:05:50 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2012/12/15 17:05:49 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll [2012/12/15 17:05:49 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnApi.dll [2012/12/15 17:05:49 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnApi.dll [2012/12/15 17:05:48 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll [2012/12/15 17:05:48 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll [2012/12/15 17:05:48 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll [2012/12/15 17:05:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2012/12/15 17:05:48 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2012/12/15 17:05:48 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapAuthProxy.dll [2012/12/15 17:05:47 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll [2012/12/15 17:05:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012/12/15 17:05:47 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012/12/15 17:05:47 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfdprov.dll [2012/12/15 17:05:47 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapPeerProxy.dll [2012/12/15 17:05:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfdprov.dll [2012/12/15 17:05:46 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll [2012/12/15 17:05:46 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fxppm.sys [2012/12/15 17:05:46 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2012/12/15 17:05:46 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaext.dll [2012/12/15 17:05:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll [2012/12/15 17:05:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll [2012/12/15 17:05:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll [2012/12/15 17:05:45 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wushareduxresources.dll [2012/12/15 13:12:43 | 000,000,000 | ---D | C] -- C:\Users\maneck\Desktop\AI.Roboform.Enterprise.v7.8.5.7-TE [2012/12/15 00:41:26 | 000,000,000 | ---D | C] -- C:\Users\maneck\AppData\Roaming\Malwarebytes [2012/12/15 00:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/12/14 05:52:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssdisai.dll [2012/12/14 05:52:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appserverai.dll [2012/12/14 05:52:35 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDWebAI.dll [2012/12/14 05:52:35 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmHostAI.dll [2012/12/14 05:52:33 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2012/12/14 05:52:33 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2012/12/12 12:54:02 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012/12/12 12:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012/12/12 12:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2012/12/12 12:40:10 | 000,000,000 | ---D | C] -- C:\Users\maneck\AppData\Roaming\Media Player Classic [2012/12/12 07:45:10 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2012/12/12 07:45:10 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2012/12/12 07:45:10 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnathlp.dll [2012/12/12 07:45:10 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnathlp.dll [2012/12/12 07:45:10 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnsvr.exe [2012/12/12 07:45:10 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnsvr.exe [2012/12/12 07:45:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhupnp.dll [2012/12/12 07:45:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhpast.dll [2012/12/12 07:45:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhupnp.dll [2012/12/12 07:45:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhpast.dll [2012/12/12 07:45:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnlobby.dll [2012/12/12 07:45:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll [2012/12/12 07:45:10 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnlobby.dll [2012/12/12 07:45:10 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll [2012/12/12 07:45:05 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012/12/12 07:45:05 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012/12/12 07:45:05 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2012/12/12 07:45:05 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2012/12/12 07:45:05 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012/12/12 07:45:05 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012/12/12 07:45:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2012/12/12 07:45:05 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll [2012/12/12 07:45:04 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resetengmig.dll [2012/12/12 07:45:04 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll [2012/12/12 07:45:04 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll [2012/12/12 07:45:03 | 001,009,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll [2012/12/12 07:45:03 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysreset.exe [2012/12/12 07:44:55 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012/12/12 07:44:54 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2012/12/12 07:44:54 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012/12/12 07:44:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012/12/12 07:44:53 | 003,966,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/12/12 07:44:53 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/12/12 07:44:53 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/12/12 07:44:53 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012/12/12 07:44:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012/12/12 07:44:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012/12/12 07:44:52 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll [2012/12/12 07:44:52 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll [2012/12/12 07:44:52 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012/12/12 07:44:52 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012/12/12 00:08:18 | 000,000,000 | ---D | C] -- C:\Users\maneck\AppData\Local\{AB7CBD6B-0741-4997-8430-950DB17CC940} [2012/12/11 11:46:25 | 000,000,000 | ---D | C] -- C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices [2012/12/10 11:34:11 | 000,000,000 | ---D | C] -- C:\Users\maneck\AppData\Roaming\TeamViewer [2012/12/10 11:33:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2012/12/09 12:55:55 | 000,000,000 | ---D | C] -- C:\Users\maneck\.shsh [2012/12/07 00:21:20 | 000,000,000 | ---D | C] -- C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prey [2012/12/07 00:20:55 | 000,000,000 | ---D | C] -- C:\Prey [2012/12/06 11:25:39 | 000,000,000 | ---D | C] -- C:\Users\maneck\Documents\Nokia Suite [2012/12/06 11:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia [2012/12/06 11:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution [2012/12/05 13:06:03 | 000,000,000 | ---D | C] -- C:\Users\maneck\AppData\Local\Stardock_Corporation [2012/11/28 15:37:56 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll [2012/11/28 15:37:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe [2012/11/28 15:37:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll [2012/11/25 13:33:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2012/11/19 10:47:34 | 000,000,000 | ---D | C] -- C:\Users\maneck\AppData\Local\CutePDF Writer [2012/11/19 10:42:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2012/11/19 10:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Editor [2012/11/18 04:01:15 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll [2012/11/18 04:01:12 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll [2012/11/18 03:59:42 | 003,244,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2012/11/18 03:59:42 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srmstormod.dll [2012/11/18 03:59:42 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srmstormod.dll [2012/11/18 03:59:42 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquota.dll [2012/11/18 03:59:41 | 001,347,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srmclient.dll [2012/11/18 03:59:41 | 000,987,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srmclient.dll [2012/11/18 03:59:41 | 000,652,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srmscan.dll [2012/11/18 03:59:41 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srmscan.dll [2012/11/18 03:59:41 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquota.dll [2012/11/18 03:59:41 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2012/11/18 03:59:40 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srmshell.dll [2012/11/18 03:59:39 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srm.dll [2012/11/18 03:59:39 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srm.dll [2012/11/18 03:59:39 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2012/11/18 03:59:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srmshell.dll [2012/11/18 03:59:39 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adrclient.dll [2012/11/18 03:59:39 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adrclient.dll [2012/11/18 03:59:39 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srmtrace.dll [2012/11/18 03:59:39 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srmtrace.dll [2012/11/18 03:59:39 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rfxvmt.dll [2012/11/18 03:59:39 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srm_ps.dll [2012/11/18 03:59:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srm_ps.dll [2012/11/18 03:59:28 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll [2012/11/18 03:59:22 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfnetsrc.dll [2012/11/18 03:59:22 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfnetsrc.dll [2012/11/18 03:59:22 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfnetcore.dll [2012/11/18 03:59:22 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfnetcore.dll [2012/11/18 03:59:22 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmpeg2srcsnk.dll [2012/11/18 03:59:21 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll [2012/11/18 03:59:21 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll [2012/11/18 03:59:21 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmpeg2srcsnk.dll [2012/11/18 03:59:01 | 003,554,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2012/11/18 03:58:58 | 002,116,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2012/11/18 03:58:57 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012/11/18 03:58:57 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll [2012/11/18 03:58:56 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2012/11/18 03:58:56 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Immersive.dll [2012/11/18 03:58:55 | 001,610,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2012/11/18 03:58:55 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012/11/18 03:58:54 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll [2012/11/18 03:58:54 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Immersive.dll [2012/11/18 03:58:54 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll [2012/11/18 03:58:54 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2012/11/18 03:58:53 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SHCore.dll [2012/11/18 03:58:52 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2012/11/18 03:58:52 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll [2012/11/18 03:58:52 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll [2012/11/18 03:58:52 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe [2012/11/18 03:58:52 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2012/11/18 03:58:51 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4srcsnk.dll [2012/11/18 03:58:51 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012/11/18 03:58:51 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys [2012/11/18 03:58:50 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll [2012/11/18 03:58:50 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll [2012/11/18 03:58:50 | 000,336,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys [2012/11/18 03:58:50 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Storage.Compression.dll [2012/11/18 03:58:49 | 002,764,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2012/11/18 03:58:49 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll [2012/11/18 03:58:48 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll [2012/11/18 03:58:48 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4srcsnk.dll [2012/11/18 03:58:48 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012/11/18 03:58:48 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dam.sys [2012/11/18 03:58:46 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SpaceControl.dll [2012/11/18 03:58:46 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012/11/18 03:58:45 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdstor.sys [2012/11/18 03:58:45 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys [2012/11/18 03:58:44 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2012/11/18 03:58:44 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2012/11/18 03:58:44 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2012/11/18 03:58:43 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SHCore.dll [2012/11/18 03:58:43 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll [2012/11/18 03:58:43 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Storage.Compression.dll [2012/11/18 03:58:42 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll [2012/11/18 03:58:42 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012/11/18 03:58:41 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2012/11/18 03:58:41 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2012/11/18 03:58:41 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-pdc.dll [2012/11/18 03:58:39 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PCPKsp.dll [2012/11/18 03:58:37 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2012/11/18 03:58:36 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallAPI.dll [2012/11/18 03:58:36 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2012/11/18 03:58:36 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2012/11/18 03:58:36 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxSip.dll [2012/11/18 03:58:35 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012/11/18 03:58:35 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll [2012/11/18 03:58:35 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxSip.dll [2012/11/18 03:58:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2012/11/18 03:58:32 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2012/11/18 03:58:32 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icfupgd.dll [2012/11/18 03:58:31 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeUISrv.exe [2012/11/18 03:58:30 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PCPKsp.dll [2012/11/18 03:58:27 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll [2012/11/18 03:58:26 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll [2012/11/18 03:58:26 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll [2012/11/18 03:58:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2012/11/18 03:58:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2012/11/18 03:58:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfapigp.dll [2012/11/18 03:58:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfapigp.dll [2012/11/18 03:58:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll [2012/11/18 03:58:20 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys [2012/11/18 03:58:20 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll [2012/11/18 03:58:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdhebl3.dll [2012/11/18 03:58:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdhebl3.dll [2012/11/17 15:23:42 | 000,067,368 | ---- | C] (Mozy, Inc.) -- C:\Windows\SysNative\drivers\mozy.sys [2012/11/17 15:23:42 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozyHome [2012/11/17 15:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\MozyHome [2010/11/19 08:27:00 | 000,587,776 | ---- | C] (Igor Pavlov) -- C:\Users\maneck\AppData\Roaming\7za.exe ========== Files - Modified Within 30 Days ========== [2012/12/16 22:20:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\maneck\Desktop\OTL.exe [2012/12/16 22:18:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-965696579-3179257427-1811898925-1001UA.job [2012/12/16 22:00:01 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/12/16 21:44:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/12/16 21:18:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-965696579-3179257427-1811898925-1001Core.job [2012/12/16 20:12:45 | 000,852,442 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/12/16 20:12:45 | 000,726,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/12/16 20:12:45 | 000,138,048 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/12/16 17:04:32 | 000,000,913 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk [2012/12/16 15:38:45 | 000,005,192 | ---- | M] () -- C:\Windows\mozy.blk [2012/12/16 15:38:45 | 000,000,852 | ---- | M] () -- C:\Windows\mozy.flt [2012/12/16 12:34:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/12/16 12:32:49 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2012/12/16 12:27:05 | 000,545,819 | ---- | M] () -- C:\Users\maneck\Desktop\adwcleaner.exe [2012/12/16 12:26:59 | 000,755,712 | ---- | M] () -- C:\Users\maneck\Desktop\RogueKiller.exe [2012/12/16 12:26:29 | 000,856,731 | ---- | M] () -- C:\Users\maneck\Desktop\SecurityCheck.exe [2012/12/16 09:45:00 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\maneck\Desktop\dds.com [2012/12/15 17:48:39 | 000,354,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/12/15 17:13:28 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012/12/15 09:43:05 | 027,469,142 | ---- | M] () -- C:\Users\maneck\Desktop\AI.Roboform.Enterprise.v7.8.5.7-TE.rar [2012/12/12 12:42:38 | 000,001,043 | ---- | M] () -- C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk [2012/12/12 12:32:35 | 000,001,134 | ---- | M] () -- C:\Users\maneck\Application Data\Microsoft\Internet Explorer\Quick Launch\SUMo.lnk [2012/12/10 00:35:51 | 000,226,774 | ---- | M] () -- C:\Users\maneck\Desktop\Shruti CV.pdf [2012/12/09 12:57:34 | 000,000,853 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/12/09 12:57:34 | 000,000,852 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.umbrella [2012/12/08 13:45:26 | 000,112,611 | ---- | M] () -- C:\Users\maneck\Desktop\How_to_cut_Mini_and_Micro_SIM_to_Nano_SIM.pdf [2012/12/08 01:26:24 | 000,015,194 | ---- | M] () -- C:\Users\maneck\Desktop\International 26% Whole Milk Powder Price.csv [2012/12/06 11:25:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf [2012/12/05 13:43:12 | 000,002,052 | ---- | M] () -- C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk [2012/11/30 03:06:06 | 000,695,648 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/11/30 03:06:06 | 000,080,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/11/28 08:21:17 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll [2012/11/28 08:20:59 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll [2012/11/20 12:00:23 | 006,971,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012/11/20 09:24:19 | 001,164,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll [2012/11/20 09:24:17 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DevDispItemProvider.dll [2012/11/20 09:17:23 | 001,184,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll [2012/11/20 09:17:20 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DevDispItemProvider.dll [2012/11/20 09:02:46 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDKURD.DLL [2012/11/20 08:59:26 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDKURD.DLL [2012/11/20 08:56:11 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys [2012/11/20 08:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidi2c.sys [2012/11/19 23:47:12 | 084,459,095 | ---- | M] () -- C:\Users\maneck\Desktop\FHIF Goodbye to Bloo - YouTube.FLV ========== Files Created - No Company Name ========== [2012/12/16 12:27:02 | 000,545,819 | ---- | C] () -- C:\Users\maneck\Desktop\adwcleaner.exe [2012/12/16 12:26:56 | 000,755,712 | ---- | C] () -- C:\Users\maneck\Desktop\RogueKiller.exe [2012/12/16 12:26:24 | 000,856,731 | ---- | C] () -- C:\Users\maneck\Desktop\SecurityCheck.exe [2012/12/15 17:48:13 | 000,354,136 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/12/15 17:05:57 | 000,385,604 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2012/12/15 09:34:09 | 027,469,142 | ---- | C] () -- C:\Users\maneck\Desktop\AI.Roboform.Enterprise.v7.8.5.7-TE.rar [2012/12/10 00:36:05 | 000,226,774 | ---- | C] () -- C:\Users\maneck\Desktop\Shruti CV.pdf [2012/12/08 13:45:25 | 000,112,611 | ---- | C] () -- C:\Users\maneck\Desktop\How_to_cut_Mini_and_Micro_SIM_to_Nano_SIM.pdf [2012/12/08 00:43:46 | 000,015,194 | ---- | C] () -- C:\Users\maneck\Desktop\International 26% Whole Milk Powder Price.csv [2012/12/06 11:25:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf [2012/12/05 13:43:12 | 000,002,052 | ---- | C] () -- C:\Users\maneck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk [2012/11/19 23:44:59 | 084,459,095 | ---- | C] () -- C:\Users\maneck\Desktop\FHIF Goodbye to Bloo - YouTube.FLV [2012/11/17 15:23:42 | 000,000,913 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk [2012/11/03 16:40:59 | 000,000,530 | ---- | C] () -- C:\Users\maneck\AppData\Roaming\All CPU MeterV2_Settings.ini [2012/10/10 12:12:51 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2012/10/08 22:19:01 | 000,857,144 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/08/31 12:30:40 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc [2012/08/30 23:24:18 | 000,000,228 | ---- | C] () -- C:\Users\maneck\.swfinfo [2012/08/29 23:28:37 | 000,000,000 | ---- | C] () -- C:\Users\maneck\AppData\Roaming\Stardockfences_debug_snapshot.dat [2012/08/29 05:17:54 | 000,004,608 | ---- | C] () -- C:\Users\maneck\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/08/29 05:08:02 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012/08/29 03:14:10 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012/08/29 02:15:06 | 000,386,923 | ---- | C] () -- C:\Windows\KMSAct.exe [2012/08/29 01:45:29 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2012/07/26 12:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012/07/26 12:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012/07/26 11:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012/07/26 05:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012/07/26 00:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012/07/26 00:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012/06/02 18:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2011/08/01 21:28:14 | 000,009,256 | ---- | C] () -- C:\Users\maneck\AppData\Roaming\a.7z ========== ZeroAccess Check ========== [2012/08/29 02:39:07 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/11/06 08:19:27 | 019,789,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/11/06 08:20:00 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 07:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 07:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 07:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1 < End of report >
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.