Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Audio ad virus?


  • This topic is locked This topic is locked
19 replies to this topic

#1 iman1323

iman1323

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 02 January 2014 - 08:03 PM

My computer keeps playing random audio sounds without any applications open. I've tried Malwarebytes, Symanatic Endpoint Protection, and the TDSKIller but none seem to fix the problem.

 

Please only use free anti spyware,

 

 

thanks in advance, iman1323



BC AdBot (Login to Remove)

 


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:59 PM

Posted 03 January 2014 - 10:00 AM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Also

  • Please re-run FRST again and type the following in the edit box after Search: rpcss.dll
  • Click the Search button
  • It will make a log (Search.txt)- please post the log into your reply to me. (you can use pastebin as well).

 

 

Regards,

Georgi


cXfZ4wS.png


#3 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:59 PM

Posted 04 January 2014 - 06:10 PM

Hi,

 

 

Are you still there?

 

 

Regards,

Georgi


cXfZ4wS.png


#4 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 04 January 2014 - 09:56 PM

Yes sorry for the late reply, and I've been busy with work, should i run this in safe mode with networking or just normal boot up mode?



#5 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 04 January 2014 - 10:12 PM

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ooVoo LLC) C:\Program Files (x86)\oovoo\ooVoo.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin64\Smc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1719944 2013-04-01] (Ask)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1262328 2013-03-27] (Bogdan Sharkov)
HKCU\...\Run: [ooVoo.exe] - C:\Program Files (x86)\oovoo\ooVoo.exe [36125760 2013-12-18] (ooVoo LLC)
HKCU\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKCU\...\Run: [AVG-Secure-Search-Update_0913a] - C:\Users\Ian McQuilkin\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 53403424344747d3bce2e1ccefd870d1-e06959ca7607e430b02673f1ade8c7ecbc637dc9 --CMPID 0913a
HKCU\...\Run: [Itibiti.exe] - C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKCU\...\Run: [uTorrent] - "C:\Users\Ian McQuilkin\Downloads\utorrent.exe"  /MINIMIZED
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-11-29] (Electronic Arts)
HKCU\...\Run: [MobileAppSync] - "C:\Program Files (x86)\Mobile App Sync\D2MClient.exe"
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563096 2013-12-19] (SUPERAntiSpyware)
HKCU\...\Policies\Explorer: [AlwaysShowClassicMenu] 1
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
MountPoints2: {6fd244c4-510d-11e2-812a-806e6f6e6963} - D:\Setup.exe
Startup: C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk
ShortcutTarget: Hauppauge Device Properties.lnk -> C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1259DBCF18E5CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {9D889B76-8A13-45E7-8AC7-890432B7B43A} URL = 
SearchScopes: HKCU - DefaultScope {9D889B76-8A13-45E7-8AC7-890432B7B43A} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3318920&CUI=UN31770359721571121&UM=2
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {391506D4-6FF2-4247-93D2-9FF924CC4F89} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\IPS\IPSBHO.dll (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: ooVoo toolbar, powered by Ask.com - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - ooVoo toolbar, powered by Ask.com - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Ian McQuilkin\AppData\Roaming\Mozilla\Firefox\Profiles\cwhr6fj0.default-1375502143584
FF user.js: detected! => C:\Users\Ian McQuilkin\AppData\Roaming\Mozilla\Firefox\Profiles\cwhr6fj0.default-1375502143584\user.js
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: AVG Secure Search
FF SearchEngineOrder.2: Yahoo
FF SearchEngineOrder.3: Bing 
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Ian McQuilkin\AppData\Roaming\Mozilla\Firefox\Profiles\cwhr6fj0.default-1375502143584\Extensions\{ed541409-a451-4021-921f-0b66f3196e57}
FF HKLM\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\IPSFF
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\IPSFF
 
Chrome: 
=======
CHR DefaultSearchKeyword: yahoo.com
CHR DefaultSearchProvider: Yahoo!
CHR DefaultNewTabURL: 
CHR Extension: (Adblock Plus) - C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0
CHR Extension: (Google Wallet) - C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR HKLM-x32\...\Chrome\Extension: [gddejphgogdngaihfpebjpmlkjjhmikc] - C:\Users\Ian McQuilkin\AppData\Local\CRE\gddejphgogdngaihfpebjpmlkjjhmikc.crx
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-11] (Advanced Micro Devices, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-01] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
R3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [391504 2013-06-25] (Hauppauge Computer Works, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-12-14] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\ccSvcHst.exe [137208 2012-06-29] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin64\Smc.exe [2601544 2012-06-29] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin64\snac64.exe [325040 2012-06-29] (Symantec Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices)
S1 archlp; C:\Windows\SysWow64\Drivers\archlp.sys [10624 2008-01-25] ()
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\BASHDefs\20131203.011\BHDrvx64.sys [1526488 2013-12-02] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
R3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [966640 2013-05-23] (Hauppauge Computer Work, Inc.)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\IPSDefs\20140101.001_308\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\VirusDefs\20140102.001\ENG64.SYS [126040 2013-12-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\VirusDefs\20140102.001\EX64.SYS [2099288 2013-12-24] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C01044D\0191.105\x64\SRTSP64.SYS [678008 2012-06-29] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C01044D\0191.105\x64\SRTSPX64.SYS [39032 2012-06-29] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin64\SyDvCtrl64.sys [29664 2012-06-29] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C01044D\0191.105\x64\SYMDS64.SYS [451192 2012-06-29] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C01044D\0191.105\x64\SYMEFA64.SYS [932472 2012-06-29] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-12-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C01044D\0191.105\x64\Ironx64.SYS [171128 2012-06-29] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C01044D\0191.105\x64\SYMNETS.SYS [386168 2012-06-29] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [119816 2012-12-29] (Symantec Corporation)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [62672 2012-06-29] (Symantec Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-04 22:02 - 2014-01-04 22:02 - 00018859 _____ C:\Users\Ian McQuilkin\Downloads\FRST.txt
2014-01-04 22:02 - 2014-01-04 22:02 - 00000000 ____D C:\FRST
2014-01-04 22:01 - 2014-01-04 22:01 - 01931368 _____ (Farbar) C:\Users\Ian McQuilkin\Downloads\FRST64.exe
2014-01-02 19:47 - 2014-01-02 19:47 - 00283139 _____ C:\Users\Ian McQuilkin\Downloads\Random Ads Playing in background of computer  - Virus, Trojan, Spyware, and Malware Removal Logs.htm
2014-01-02 19:47 - 2014-01-02 19:47 - 00000000 ____D C:\Users\Ian McQuilkin\Downloads\Random Ads Playing in background of computer  - Virus, Trojan, Spyware, and Malware Removal Logs_files
2014-01-02 19:46 - 2014-01-02 19:46 - 03810304 _____ C:\Users\Ian McQuilkin\Downloads\RogueKiller.exe
2014-01-02 19:46 - 2014-01-02 19:46 - 03810304 _____ C:\Users\Ian McQuilkin\Desktop\RogueKiller.exe
2014-01-02 19:46 - 2014-01-02 19:46 - 01233962 _____ C:\Users\Ian McQuilkin\Downloads\adwcleaner.exe
2014-01-02 19:46 - 2014-01-02 19:46 - 01233962 _____ C:\Users\Ian McQuilkin\Desktop\adwcleaner.exe
2014-01-02 19:43 - 2014-01-02 19:43 - 00017888 _____ C:\Users\Ian McQuilkin\Desktop\dds.txt
2014-01-02 19:43 - 2014-01-02 19:43 - 00017095 _____ C:\Users\Ian McQuilkin\Desktop\attach.txt
2014-01-02 19:41 - 2014-01-02 19:41 - 00000488 _____ C:\Users\Ian McQuilkin\Desktop\defogger_disable.log
2014-01-02 19:41 - 2014-01-02 19:41 - 00000000 _____ C:\Users\Ian McQuilkin\defogger_reenable
2014-01-02 19:41 - 2014-01-02 19:40 - 00688992 ____R (Swearware) C:\Users\Ian McQuilkin\Desktop\dds.scr
2014-01-02 19:40 - 2014-01-02 19:40 - 00987410 _____ C:\Users\Ian McQuilkin\Desktop\SecurityCheck.exe
2014-01-02 19:40 - 2014-01-02 19:40 - 00688992 _____ (Swearware) C:\Users\Ian McQuilkin\Downloads\dds.scr
2014-01-02 19:39 - 2014-01-02 19:40 - 00987410 _____ C:\Users\Ian McQuilkin\Downloads\SecurityCheck.exe
2014-01-02 19:39 - 2014-01-02 19:39 - 00050477 _____ C:\Users\Ian McQuilkin\Downloads\Defogger.exe
2014-01-02 19:39 - 2014-01-02 19:39 - 00050477 _____ C:\Users\Ian McQuilkin\Desktop\Defogger.exe
2014-01-02 18:37 - 2014-01-02 18:37 - 29249912 _____ (SUPERAntiSpyware) C:\Users\Ian McQuilkin\Downloads\SUPERAntiSpywarePro.exe
2014-01-02 18:37 - 2014-01-02 18:37 - 00001810 _____ C:\Users\Ian McQuilkin\Desktop\SUPERAntiSpyware Professional.lnk
2014-01-02 18:37 - 2014-01-02 18:37 - 00000526 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8dbc3b7d-418d-43b3-a44f-f3e2037b7ee2.job
2014-01-02 18:37 - 2014-01-02 18:37 - 00000526 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 06166453-fa7a-41e1-8974-02fe30ad069d.job
2014-01-02 18:37 - 2014-01-02 18:37 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\SUPERAntiSpyware.com
2014-01-02 18:37 - 2014-01-02 18:37 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-01-02 18:37 - 2014-01-02 18:37 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2014-01-02 18:37 - 2014-01-02 18:37 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2014-01-02 18:33 - 2014-01-02 18:33 - 00187464 _____ (Webroot) C:\Users\Ian McQuilkin\Downloads\antizeroaccess.exe
2014-01-02 18:24 - 2014-01-02 18:24 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Ian McQuilkin\Downloads\unhide.exe
2014-01-02 18:24 - 2014-01-02 18:24 - 00000794 _____ C:\Users\Ian McQuilkin\Desktop\unhide.txt
2014-01-02 18:16 - 2014-01-02 18:16 - 04101441 _____ C:\Users\Ian McQuilkin\Downloads\tdsskiller.zip
2014-01-02 18:16 - 2014-01-02 18:16 - 00001107 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-02 18:16 - 2013-11-18 00:28 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Ian McQuilkin\Desktop\TDSSKiller.exe
2014-01-02 18:15 - 2014-01-02 18:16 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Ian McQuilkin\Downloads\tdsskiller.exe
2014-01-02 18:14 - 2014-01-02 18:14 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Ian McQuilkin\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-02 18:14 - 2014-01-02 18:14 - 00000000 ____D C:\Users\Ian McQuilkin\Desktop\rkill
2014-01-02 18:13 - 2014-01-02 18:14 - 00004220 _____ C:\Users\Ian McQuilkin\Desktop\Rkill.txt
2014-01-02 18:13 - 2014-01-02 18:13 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Ian McQuilkin\Downloads\rkill.exe
2014-01-02 18:02 - 2014-01-02 18:02 - 00037376 _____ C:\Windows\system32\ohjd.jci
2014-01-02 17:51 - 2014-01-04 22:01 - 00000080 _____ C:\Windows\system32\pssvvzt.zjj
2014-01-02 17:50 - 2014-01-02 18:02 - 00000096 _____ C:\Windows\system32\eloevi.gdp
2014-01-02 17:50 - 2014-01-02 17:50 - 00000064 _____ C:\Windows\system32\mosh.dnb
2014-01-02 17:43 - 2014-01-02 17:43 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\FalloutNV
2014-01-02 17:34 - 2014-01-02 17:34 - 00219314 ____S C:\Windows\system32\sygh.jtc
2014-01-02 16:53 - 2014-01-02 16:53 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\4A Games
2014-01-02 16:52 - 2014-01-02 16:52 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\4A Games
2014-01-01 23:16 - 2014-01-01 23:16 - 00071773 _____ C:\Users\Ian McQuilkin\Downloads\LoganNZL v6.2 Happy New Year! (Hot fix 1).rar
2014-01-01 20:38 - 2014-01-01 20:38 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-01 20:04 - 2014-01-01 20:50 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-01 19:42 - 2014-01-02 00:19 - 00000000 ____D C:\AdwCleaner
2013-12-31 17:22 - 2014-01-02 00:19 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2013-12-28 02:29 - 2013-12-28 02:33 - 00000000 ____D C:\Windows\hsperfdata_Ian McQuilkin
2013-12-28 02:29 - 2013-12-28 02:29 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\8BitMMO
2013-12-28 00:20 - 2014-01-02 00:19 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2013-12-28 00:20 - 2014-01-02 00:19 - 00000000 ____D C:\72306c93b285984124f671
2013-12-28 00:20 - 2013-12-28 00:20 - 07878008 _____ (Microsoft Corporation) C:\Users\Ian McQuilkin\Downloads\Xbox360_64Eng.exe
2013-12-27 23:23 - 2013-12-27 23:23 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\Eden Games
2013-12-27 22:20 - 2013-12-28 21:47 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\PAYDAY
2013-12-27 21:41 - 2013-12-27 21:41 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\2K Sports
2013-12-26 22:35 - 2013-12-26 22:35 - 00000000 ____D C:\Users\Ian McQuilkin\Desktop\New folder
2013-12-26 19:10 - 2013-12-26 19:10 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-12-25 22:38 - 2013-12-25 22:38 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\Skyrim
2013-12-25 22:37 - 2014-01-02 17:43 - 00088609 _____ C:\Windows\DirectX.log
2013-12-25 11:36 - 2013-12-25 11:36 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-25 11:36 - 2013-12-25 11:36 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-24 00:42 - 2013-12-24 00:42 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\CrashRpt
2013-12-24 00:39 - 2013-12-24 00:39 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\Square Enix
2013-12-21 01:04 - 2013-12-21 01:04 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\CDWLauncher
2013-12-19 13:27 - 2014-01-04 21:58 - 00001924 _____ C:\Windows\setupact.log
2013-12-19 13:27 - 2013-12-19 13:27 - 00000000 _____ C:\Windows\setuperr.log
2013-12-19 00:14 - 2013-12-19 00:14 - 04995416 _____ (Microsoft Corporation) C:\Users\Ian McQuilkin\Downloads\vcredist_x86.exe
2013-12-18 23:11 - 2013-12-18 23:11 - 00000000 ____D C:\ProgramData\GroupPolicy
2013-12-18 22:54 - 2013-12-18 22:54 - 00000000 ____D C:\Users\Ian McQuilkin\Desktop\Spyware
2013-12-18 22:33 - 2013-12-18 22:34 - 00000000 ____D C:\Windows\45D36D57550F4D3B9947ED9A1F2A6E0F.TMP
2013-12-16 20:44 - 2014-01-02 00:19 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\DayZ
2013-12-16 20:44 - 2013-12-16 20:56 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\DayZ
2013-12-15 23:54 - 2014-01-02 00:19 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\Mobogenie
2013-12-15 23:54 - 2014-01-02 00:19 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-15 23:54 - 2014-01-02 00:19 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-12-15 23:54 - 2013-12-15 23:54 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\cache
2013-12-15 23:54 - 2013-12-15 23:54 - 00000000 ____D C:\Users\Ian McQuilkin\.android
2013-12-15 23:54 - 2013-12-15 23:54 - 00000000 _____ C:\Users\Ian McQuilkin\daemonprocess.txt
2013-12-15 21:30 - 2013-12-15 21:30 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\Navicat
2013-12-15 21:08 - 2013-12-15 21:08 - 00001178 _____ C:\Users\Public\Desktop\Navicat Lite.lnk
2013-12-15 21:08 - 2013-12-15 21:08 - 00000000 ____D C:\Program Files (x86)\PremiumSoft
2013-12-15 21:08 - 2009-07-10 12:43 - 01589248 _____ C:\Windows\SysWOW64\libmysql_d.dll
2013-12-14 23:48 - 2013-12-15 00:25 - 00298584 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-12-14 23:15 - 2013-12-14 23:15 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-12-14 23:15 - 2013-12-14 23:15 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\Apps\2.0
2013-12-14 23:15 - 2013-12-14 23:15 - 00000000 ____D C:\Ubisoft
2013-12-14 23:14 - 2013-12-15 00:25 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\Deployment
2013-12-10 21:21 - 2013-12-10 21:21 - 09293192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
 
==================== One Month Modified Files and Folders =======
 
2014-01-04 22:02 - 2014-01-04 22:02 - 00018859 _____ C:\Users\Ian McQuilkin\Downloads\FRST.txt
2014-01-04 22:02 - 2014-01-04 22:02 - 00000000 ____D C:\FRST
2014-01-04 22:01 - 2014-01-04 22:01 - 01931368 _____ (Farbar) C:\Users\Ian McQuilkin\Downloads\FRST64.exe
2014-01-04 22:01 - 2014-01-02 17:51 - 00000080 _____ C:\Windows\system32\pssvvzt.zjj
2014-01-04 21:59 - 2013-11-29 23:13 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-04 21:59 - 2013-01-02 17:55 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\Skype
2014-01-04 21:59 - 2013-01-01 18:55 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-04 21:59 - 2012-12-28 22:45 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\Adobe
2014-01-04 21:58 - 2013-12-19 13:27 - 00001924 _____ C:\Windows\setupact.log
2014-01-04 21:58 - 2013-05-01 19:05 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 21:58 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-02 22:37 - 2012-12-28 22:56 - 01074439 _____ C:\Windows\WindowsUpdate.log
2014-01-02 22:21 - 2012-12-28 11:47 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-02 21:41 - 2013-05-01 19:05 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-02 19:47 - 2014-01-02 19:47 - 00283139 _____ C:\Users\Ian McQuilkin\Downloads\Random Ads Playing in background of computer  - Virus, Trojan, Spyware, and Malware Removal Logs.htm
2014-01-02 19:47 - 2014-01-02 19:47 - 00000000 ____D C:\Users\Ian McQuilkin\Downloads\Random Ads Playing in background of computer  - Virus, Trojan, Spyware, and Malware Removal Logs_files
2014-01-02 19:46 - 2014-01-02 19:46 - 03810304 _____ C:\Users\Ian McQuilkin\Downloads\RogueKiller.exe
2014-01-02 19:46 - 2014-01-02 19:46 - 03810304 _____ C:\Users\Ian McQuilkin\Desktop\RogueKiller.exe
2014-01-02 19:46 - 2014-01-02 19:46 - 01233962 _____ C:\Users\Ian McQuilkin\Downloads\adwcleaner.exe
2014-01-02 19:46 - 2014-01-02 19:46 - 01233962 _____ C:\Users\Ian McQuilkin\Desktop\adwcleaner.exe
2014-01-02 19:43 - 2014-01-02 19:43 - 00017888 _____ C:\Users\Ian McQuilkin\Desktop\dds.txt
2014-01-02 19:43 - 2014-01-02 19:43 - 00017095 _____ C:\Users\Ian McQuilkin\Desktop\attach.txt
2014-01-02 19:41 - 2014-01-02 19:41 - 00000488 _____ C:\Users\Ian McQuilkin\Desktop\defogger_disable.log
2014-01-02 19:41 - 2014-01-02 19:41 - 00000000 _____ C:\Users\Ian McQuilkin\defogger_reenable
2014-01-02 19:41 - 2012-12-28 11:11 - 00000000 ____D C:\Users\Ian McQuilkin
2014-01-02 19:40 - 2014-01-02 19:41 - 00688992 ____R (Swearware) C:\Users\Ian McQuilkin\Desktop\dds.scr
2014-01-02 19:40 - 2014-01-02 19:40 - 00987410 _____ C:\Users\Ian McQuilkin\Desktop\SecurityCheck.exe
2014-01-02 19:40 - 2014-01-02 19:40 - 00688992 _____ (Swearware) C:\Users\Ian McQuilkin\Downloads\dds.scr
2014-01-02 19:40 - 2014-01-02 19:39 - 00987410 _____ C:\Users\Ian McQuilkin\Downloads\SecurityCheck.exe
2014-01-02 19:39 - 2014-01-02 19:39 - 00050477 _____ C:\Users\Ian McQuilkin\Downloads\Defogger.exe
2014-01-02 19:39 - 2014-01-02 19:39 - 00050477 _____ C:\Users\Ian McQuilkin\Desktop\Defogger.exe
2014-01-02 18:37 - 2014-01-02 18:37 - 29249912 _____ (SUPERAntiSpyware) C:\Users\Ian McQuilkin\Downloads\SUPERAntiSpywarePro.exe
2014-01-02 18:37 - 2014-01-02 18:37 - 00001810 _____ C:\Users\Ian McQuilkin\Desktop\SUPERAntiSpyware Professional.lnk
2014-01-02 18:37 - 2014-01-02 18:37 - 00000526 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8dbc3b7d-418d-43b3-a44f-f3e2037b7ee2.job
2014-01-02 18:37 - 2014-01-02 18:37 - 00000526 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 06166453-fa7a-41e1-8974-02fe30ad069d.job
2014-01-02 18:37 - 2014-01-02 18:37 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\SUPERAntiSpyware.com
2014-01-02 18:37 - 2014-01-02 18:37 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-01-02 18:37 - 2014-01-02 18:37 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2014-01-02 18:37 - 2014-01-02 18:37 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2014-01-02 18:33 - 2014-01-02 18:33 - 00187464 _____ (Webroot) C:\Users\Ian McQuilkin\Downloads\antizeroaccess.exe
2014-01-02 18:24 - 2014-01-02 18:24 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Ian McQuilkin\Downloads\unhide.exe
2014-01-02 18:24 - 2014-01-02 18:24 - 00000794 _____ C:\Users\Ian McQuilkin\Desktop\unhide.txt
2014-01-02 18:16 - 2014-01-02 18:16 - 04101441 _____ C:\Users\Ian McQuilkin\Downloads\tdsskiller.zip
2014-01-02 18:16 - 2014-01-02 18:16 - 00001107 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-02 18:16 - 2014-01-02 18:15 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Ian McQuilkin\Downloads\tdsskiller.exe
2014-01-02 18:16 - 2013-10-07 22:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-02 18:14 - 2014-01-02 18:14 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Ian McQuilkin\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-02 18:14 - 2014-01-02 18:14 - 00000000 ____D C:\Users\Ian McQuilkin\Desktop\rkill
2014-01-02 18:14 - 2014-01-02 18:13 - 00004220 _____ C:\Users\Ian McQuilkin\Desktop\Rkill.txt
2014-01-02 18:13 - 2014-01-02 18:13 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Ian McQuilkin\Downloads\rkill.exe
2014-01-02 18:02 - 2014-01-02 18:02 - 00037376 _____ C:\Windows\system32\ohjd.jci
2014-01-02 18:02 - 2014-01-02 17:50 - 00000096 _____ C:\Windows\system32\eloevi.gdp
2014-01-02 17:50 - 2014-01-02 17:50 - 00000064 _____ C:\Windows\system32\mosh.dnb
2014-01-02 17:43 - 2014-01-02 17:43 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\FalloutNV
2014-01-02 17:43 - 2013-12-25 22:37 - 00088609 _____ C:\Windows\DirectX.log
2014-01-02 17:43 - 2013-08-09 17:50 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\My Games
2014-01-02 17:34 - 2014-01-02 17:34 - 00219314 ____S C:\Windows\system32\sygh.jtc
2014-01-02 16:53 - 2014-01-02 16:53 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\4A Games
2014-01-02 16:52 - 2014-01-02 16:52 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\4A Games
2014-01-02 00:20 - 2013-11-12 00:57 - 00000000 ____D C:\ProgramData\VisualBee
2014-01-02 00:19 - 2014-01-01 19:42 - 00000000 ____D C:\AdwCleaner
2014-01-02 00:19 - 2013-12-31 17:22 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2014-01-02 00:19 - 2013-12-28 00:20 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2014-01-02 00:19 - 2013-12-28 00:20 - 00000000 ____D C:\72306c93b285984124f671
2014-01-02 00:19 - 2013-12-16 20:44 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\DayZ
2014-01-02 00:19 - 2013-12-15 23:54 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\Mobogenie
2014-01-02 00:19 - 2013-12-15 23:54 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-02 00:19 - 2013-12-15 23:54 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2014-01-02 00:19 - 2013-11-12 00:58 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\NativeMessaging
2014-01-02 00:19 - 2013-04-20 14:17 - 00000000 ____D C:\Program Files\Bonjour
2014-01-02 00:19 - 2013-03-31 12:03 - 00000000 ____D C:\Program Files (x86)\Conduit
2014-01-02 00:19 - 2013-01-03 00:14 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2014-01-02 00:19 - 2013-01-03 00:14 - 00000000 ____D C:\Program Files (x86)\NCH Software
2014-01-02 00:19 - 2013-01-02 02:32 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\ArmA 2
2014-01-02 00:19 - 2013-01-01 18:30 - 00000000 ____D C:\Program Files (x86)\Ask.com
2014-01-02 00:19 - 2012-12-28 11:56 - 00000000 ____D C:\Program Files\Unlocker
2014-01-02 00:19 - 2012-12-28 11:43 - 00000000 ____D C:\Windows\SysWOW64\directx
2014-01-02 00:19 - 2012-12-28 11:11 - 00000000 ___RD C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-02 00:19 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2014-01-01 23:20 - 2009-07-13 23:45 - 00024368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-01 23:20 - 2009-07-13 23:45 - 00024368 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-01 23:16 - 2014-01-01 23:16 - 00071773 _____ C:\Users\Ian McQuilkin\Downloads\LoganNZL v6.2 Happy New Year! (Hot fix 1).rar
2014-01-01 20:50 - 2014-01-01 20:04 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-01 20:38 - 2014-01-01 20:38 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-29 21:47 - 2013-01-02 17:42 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-12-28 21:47 - 2013-12-27 22:20 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\PAYDAY
2013-12-28 02:33 - 2013-12-28 02:29 - 00000000 ____D C:\Windows\hsperfdata_Ian McQuilkin
2013-12-28 02:29 - 2013-12-28 02:29 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\8BitMMO
2013-12-28 00:20 - 2013-12-28 00:20 - 07878008 _____ (Microsoft Corporation) C:\Users\Ian McQuilkin\Downloads\Xbox360_64Eng.exe
2013-12-27 23:23 - 2013-12-27 23:23 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\Eden Games
2013-12-27 21:41 - 2013-12-27 21:41 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\2K Sports
2013-12-27 12:30 - 2013-01-02 02:34 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\ArmA 2 OA
2013-12-26 22:35 - 2013-12-26 22:35 - 00000000 ____D C:\Users\Ian McQuilkin\Desktop\New folder
2013-12-26 19:10 - 2013-12-26 19:10 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-12-25 22:38 - 2013-12-25 22:38 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\Skyrim
2013-12-25 11:36 - 2013-12-25 11:36 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-25 11:36 - 2013-12-25 11:36 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-24 12:35 - 2013-07-12 21:22 - 00001859 _____ C:\Users\Public\Desktop\ooVoo.lnk
2013-12-24 12:35 - 2013-05-19 15:32 - 00000000 ____D C:\Program Files (x86)\oovoo
2013-12-24 00:42 - 2013-12-24 00:42 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\CrashRpt
2013-12-24 00:42 - 2013-09-04 16:43 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-24 00:39 - 2013-12-24 00:39 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\Square Enix
2013-12-21 01:04 - 2013-12-21 01:04 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\CDWLauncher
2013-12-19 13:27 - 2013-12-19 13:27 - 00000000 _____ C:\Windows\setuperr.log
2013-12-19 00:14 - 2013-12-19 00:14 - 04995416 _____ (Microsoft Corporation) C:\Users\Ian McQuilkin\Downloads\vcredist_x86.exe
2013-12-19 00:02 - 2013-11-12 00:15 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\uTorrent
2013-12-18 23:11 - 2013-12-18 23:11 - 00000000 ____D C:\ProgramData\GroupPolicy
2013-12-18 22:54 - 2013-12-18 22:54 - 00000000 ____D C:\Users\Ian McQuilkin\Desktop\Spyware
2013-12-18 22:52 - 2013-08-21 20:02 - 00000000 ____D C:\Users\Ian McQuilkin\Desktop\Games
2013-12-18 22:34 - 2013-12-18 22:33 - 00000000 ____D C:\Windows\45D36D57550F4D3B9947ED9A1F2A6E0F.TMP
2013-12-16 20:56 - 2013-12-16 20:44 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\DayZ
2013-12-16 15:28 - 2013-01-01 19:03 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-16 00:21 - 2012-12-28 11:11 - 00000000 ___RD C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-15 23:54 - 2013-12-15 23:54 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\cache
2013-12-15 23:54 - 2013-12-15 23:54 - 00000000 ____D C:\Users\Ian McQuilkin\.android
2013-12-15 23:54 - 2013-12-15 23:54 - 00000000 _____ C:\Users\Ian McQuilkin\daemonprocess.txt
2013-12-15 21:30 - 2013-12-15 21:30 - 00000000 ____D C:\Users\Ian McQuilkin\Documents\Navicat
2013-12-15 21:08 - 2013-12-15 21:08 - 00001178 _____ C:\Users\Public\Desktop\Navicat Lite.lnk
2013-12-15 21:08 - 2013-12-15 21:08 - 00000000 ____D C:\Program Files (x86)\PremiumSoft
2013-12-15 00:25 - 2013-12-14 23:48 - 00298584 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-12-15 00:25 - 2013-12-14 23:14 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\Deployment
2013-12-15 00:25 - 2013-11-30 00:40 - 00298584 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-14 23:48 - 2013-11-30 00:44 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\PunkBuster
2013-12-14 23:48 - 2013-11-30 00:40 - 00298584 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-12-14 23:32 - 2013-11-30 00:40 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-12-14 23:15 - 2013-12-14 23:15 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-12-14 23:15 - 2013-12-14 23:15 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Local\Apps\2.0
2013-12-14 23:15 - 2013-12-14 23:15 - 00000000 ____D C:\Ubisoft
2013-12-14 03:37 - 2013-11-22 15:44 - 00000000 ____D C:\Users\Public\Hauppauge Capture
2013-12-12 03:43 - 2013-05-01 19:05 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-11 21:13 - 2013-01-02 17:32 - 00000000 ____D C:\Users\Ian McQuilkin\AppData\Roaming\.minecraft
2013-12-10 21:21 - 2013-12-10 21:21 - 09293192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-10 21:21 - 2012-12-28 11:47 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 21:21 - 2012-12-28 11:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 21:21 - 2012-12-28 11:47 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-06 22:40 - 2009-07-14 00:08 - 00032598 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-05 11:50 - 2013-01-02 17:55 - 00000000 ____D C:\ProgramData\Skype
2013-12-05 11:49 - 2013-01-22 15:31 - 00000000 ___RD C:\Program Files (x86)\Skype
 
Files to move or delete:
====================
C:\Users\Ian McQuilkin\CCEnhancer-2.5.1.exe
 
 
Some content of TEMP:
====================
C:\Users\Ian McQuilkin\AppData\Local\Temp\3F8F.exe
C:\Users\Ian McQuilkin\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Ian McQuilkin\AppData\Local\Temp\offercast.exe
C:\Users\Ian McQuilkin\AppData\Local\Temp\tbVis0.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2010-11-20 22:24] - [2010-11-20 22:24] - 0512512 ____A (Microsoft Corporation) 7C9068532F0D39A8A1D57211785838EC
 
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-12-22 16:57
 
==================== End Of Log ============================


#6 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 04 January 2014 - 10:13 PM

This was the second scan that popped up.
AV: Symantec Endpoint Protection (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.5.635 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 13.20.100.30911 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80911.2216 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia Extreme (x32 Version:  - ArcSoft)
ARMA 2 (x32 Version:  - Bohemia Interactive)
ARMA 2: British Armed Forces - Data cache removal (x32 Version:  - )
Arma 2: British Armed Forces (x32 Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (x32 Version:  - )
Arma 2: Operation Arrowhead - Dedicated Server (x32 Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (x32 Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (x32 Version:  - )
ARMA 2: Private Military Company - Data cache removal (x32 Version:  - )
Arma 2: Private Military Company (x32 Version:  - Bohemia Interactive)
Arma 3 Alpha (x32 Version:  - Bohemia Interactive)
Ask Toolbar (x32 Version: 1.17.6.0 - Ask.com) <==== ATTENTION
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.1.0 - Asmedia Technology)
Audacity 2.0.2 (x32 Version: 2.0.2 - Audacity Team)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (x32 Version:  - )
BattlEye Uninstall (x32 Version:  - )
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 3.26 - Piriform)
CDisplay 1.8 (x32 Version:  - dvd8n)
Chivalry: Medieval Warfare (x32 Version:  - Torn Banner Studios)
Chivalry: Medieval Warfare Beta (x32 Version:  - )
Clownfish for Skype (x32 Version:  - )
Contagion (x32 Version:  - Monochrome LLC)
Cry of Fear (x32 Version:  - )
CyberLink PowerDirector 12 (Version: 12.0.2230.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (x32 Version: 12.0.2230.0 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (x32 Version:  - Bohemia Interactive)
DayZ Commander (x32 Version: 0.9.117 - Dotjosh Studios)
Defraggler (Version: 2.12 - Piriform)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 Demo (x32 Version:  - )
Fallout: New Vegas (x32 Version:  - Obsidian Entertainment)
Fraps (remove only) (x32 Version:  - )
Garry's Mod (x32 Version:  - Garry)
Ghost Recon Online (NCSA-Live) (HKCU Version: 1.34.7344.1 - Ubisoft)
GIMP 2.8.4 (Version: 2.8.4 - The GIMP Team)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version:  - Rockstar North)
Hauppauge Capture (x32 Version: 1.0.31248 - Hauppauge Computer Works)
Hauppauge Device Central (x32 Version: 1.2.31173 - Hauppauge Computer Works, Inc.)
Horizon v2.7.1.4 (x32 Version: 2.7.1.4 - Daring Development Inc.)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 17 (x32 Version: 7.0.170 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Just Cause 2 (x32 Version:  - Avalanche)
Just Cause 2: Multiplayer Mod (x32 Version:  - JC2-MP Team)
Killing Floor (x32 Version:  - Tripwire Interactive)
K-Lite Codec Pack 7.0.0 (Standard) (x32 Version: 7.0.0 - )
Left 4 Dead 2 (x32 Version:  - Valve)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Metro 2033 (x32 Version:  - 4A Games)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight (x32 Version:  - )
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31119 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31124 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
Modio (x32 Version:  - GameTuts)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NBA 2K13 (x32 Version:  - Visual Concepts)
NewBlue Video Essentials for PowerDirector (Version: 3.0 - NewBlue)
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation)
ooVoo (x32 Version: 3.5.9052 - ooVoo LLC.)
ooVoo toolbar, powered by Ask.com Updater (HKCU Version: 1.4.3.42067 - Ask.com)
Origin (x32 Version: 9.3.11.2762 - Electronic Arts, Inc.)
PAYDAY: The Heist (x32 Version:  - OVERKILL Software)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PremiumSoft Navicat Lite 10.0 (x32 Version:  - PremiumSoft CyberTech Ltd.)
Prism Video File Converter (x32 Version:  - NCH Software)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Rising Storm/Red Orchestra 2 Multiplayer (x32 Version:  - Tripwire Interactive)
Sid Meier's Civilization V (x32 Version:  - 2K Games, Inc.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Sniper Elite V2 Demo (x32 Version:  - )
Source SDK Base 2007 (x32 Version:  - Valve)
Startup Cop 1.1 (x32 Version: 1.1 - Ziff Davis Media, Inc.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (Version: 5.7.1016 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Endpoint Protection (Version: 12.1.1101.401 - Symantec Corporation)
Team Fortress 2 (x32 Version:  - Valve)
Terraria (x32 Version:  - Re-Logic)
Test Drive Unlimited 2 (x32 Version:  - Eden Studios)
The Elder Scrolls V: Skyrim (x32 Version:  - Bethesda Game Studios)
Unlocker 1.9.1-x64 (Version: 1.9.1 - Cedrick Collomb)
VideoPad Video Editor (x32 Version:  - NCH Software)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
War Thunder Launcher 1.0.1.267 (x32 Version:  - 2013 Gaijin Entertainment Corporation)
Windows 7 Manager (Version: 4.1.9 - Yamicsoft)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 beta 3 (64-bit) (Version: 4.20.3 - win.rar GmbH)
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
 
==================== Restore Points  =========================
 
28-12-2013 05:20:34 Installed DirectX
02-01-2014 02:28:34 Installed Microsoft Fix it 50267
02-01-2014 05:14:34 Restore Operation
02-01-2014 21:49:20 Installed Microsoft Visual C++ 2005 Redistributable
02-01-2014 21:50:05 Installed DirectX
02-01-2014 22:42:17 Installed DirectX
 
==================== Hosts content: ==========================
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {07D2C1D8-5AE0-4679-9470-B005886E9EFD} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [2013-03-16] (NCH Software)
Task: {2DB92475-D248-4002-9C4A-12EC407A1555} - System32\Tasks\AdobeAAMUpdater-1.0-IanMcQuilkin-PC-Ian McQuilkin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {31993F92-9ABF-47F7-A00E-DA2B18CCDC51} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {5B666040-8EF9-4481-99A2-922F395530DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01] (Google Inc.)
Task: {609A2B6E-72BF-43EE-8C16-578A551E8C9D} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-01] ()
Task: {76A70867-9363-4F1D-B131-8D557EC6F42B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {B057CDF8-9C3F-40F6-8A04-9513B9F21EED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01] (Google Inc.)
Task: {F40D9928-C416-4F36-BC7D-21D2437D76E5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 06166453-fa7a-41e1-8974-02fe30ad069d.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8dbc3b7d-418d-43b3-a44f-f3e2037b7ee2.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-09-11 21:57 - 2013-09-11 21:57 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-03-12 16:10 - 2013-11-06 16:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-07-12 20:43 - 2013-12-11 14:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-12 20:43 - 2013-11-06 16:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-07-12 20:43 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-07-12 20:43 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-07-12 20:43 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-01-28 12:08 - 2013-01-28 12:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 12:08 - 2013-01-28 12:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-29 23:14 - 2013-11-29 23:14 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll
2013-12-04 22:44 - 2013-12-03 21:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-04 22:44 - 2013-12-03 21:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-04 22:44 - 2013-12-03 21:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-04 22:44 - 2013-12-03 21:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-04 22:44 - 2013-12-03 21:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/04/2014 10:00:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/04/2014 09:58:42 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.
 
Error: (01/02/2014 08:55:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/02/2014 08:54:46 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.
 
Error: (01/02/2014 07:51:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/02/2014 07:50:45 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.
 
Error: (01/02/2014 06:31:36 PM) (Source: Symantec AntiVirus) (User: )
Description: SONAR has generated an error: code 1: description: Heuristic Scan or Load Failure
 
Error: (01/02/2014 06:26:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/02/2014 06:26:27 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.
 
Error: (01/02/2014 05:51:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (01/04/2014 09:58:48 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
archlp
 
Error: (01/04/2014 09:58:47 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error: 
%%4203
 
Error: (01/04/2014 09:58:21 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\archlp.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/02/2014 08:55:13 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
archlp
 
Error: (01/02/2014 08:54:48 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error: 
%%4203
 
Error: (01/02/2014 08:54:25 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\archlp.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/02/2014 07:51:00 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
archlp
 
Error: (01/02/2014 07:50:52 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error: 
%%4203
 
Error: (01/02/2014 07:49:53 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\archlp.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/02/2014 07:49:11 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-01-04 21:58:39.765
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-02 20:54:44.210
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-02 19:50:40.808
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-02 17:51:02.692
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-02 16:30:04.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-02 12:55:05.138
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-02 00:21:04.807
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-01 23:38:50.800
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-01 23:37:28.390
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-01 23:30:06.062
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 31%
Total physical RAM: 8137.36 MB
Available physical RAM: 5606.18 MB
Total Pagefile: 16272.9 MB
Available Pagefile: 13289.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:465.66 GB) (Free:90.55 GB) NTFS
Drive d: (CD-HDPVR2-V1.6) (CDROM) (Total:0.27 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 167F0D36)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#7 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 04 January 2014 - 10:23 PM

Search: "rpcss.dll" ===================
 
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[2010-11-20 22:24] - [2010-11-20 22:24] - 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123
 
C:\Windows\System32\rpcss.dll
[2010-11-20 22:24] - [2010-11-20 22:24] - 0512512 ____A (Microsoft Corporation) 7C9068532F0D39A8A1D57211785838EC


#8 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:59 PM

Posted 05 January 2014 - 06:50 AM

Hi,

 

 
Please download the following file => [attachment=145585:fixlist.txt] and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

 

Regards,

Georgi


cXfZ4wS.png


#9 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 05 January 2014 - 04:33 PM

Content of fixlist:
*****************
start
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1719944 2013-04-01] (Ask)
C:\Program Files (x86)\Ask.com
SearchScopes: HKCU - DefaultScope {9D889B76-8A13-45E7-8AC7-890432B7B43A} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3318920&CUI=UN31770359721571121&UM=2
BHO-x32: ooVoo toolbar, powered by Ask.com - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - ooVoo toolbar, powered by Ask.com - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
FF Extension: No Name - C:\Users\Ian McQuilkin\AppData\Roaming\Mozilla\Firefox\Profiles\cwhr6fj0.default-1375502143584\Extensions\{ed541409-a451-4021-921f-0b66f3196e57}
FF HKLM\...\Firefox\Extensions: [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}] - C:\Program Files\Updater By SweetPacks\Firefox
CHR HKLM-x32\...\Chrome\Extension: [gddejphgogdngaihfpebjpmlkjjhmikc] - C:\Users\Ian McQuilkin\AppData\Local\CRE\gddejphgogdngaihfpebjpmlkjjhmikc.crx
2014-01-02 18:02 - 2014-01-02 18:02 - 00037376 _____ C:\Windows\system32\ohjd.jci
2014-01-02 17:51 - 2014-01-04 22:01 - 00000080 _____ C:\Windows\system32\pssvvzt.zjj
2014-01-02 17:50 - 2014-01-02 18:02 - 00000096 _____ C:\Windows\system32\eloevi.gdp
2014-01-02 17:50 - 2014-01-02 17:50 - 00000064 _____ C:\Windows\system32\mosh.dnb
2014-01-02 17:34 - 2014-01-02 17:34 - 00219314 ____S C:\Windows\system32\sygh.jtc
Task: {609A2B6E-72BF-43EE-8C16-578A551E8C9D} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-01] ()
Replace: C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll C:\Windows\System32\rpcss.dll
C:\Users\Ian McQuilkin\AppData\Local\Temp
end
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value deleted successfully.
C:\Program Files (x86)\Ask.com => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9D889B76-8A13-45E7-8AC7-890432B7B43A} => Key deleted successfully.
HKCR\CLSID\{9D889B76-8A13-45E7-8AC7-890432B7B43A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
C:\Users\Ian McQuilkin\AppData\Roaming\Mozilla\Firefox\Profiles\cwhr6fj0.default-1375502143584\Extensions\{ed541409-a451-4021-921f-0b66f3196e57} => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gddejphgogdngaihfpebjpmlkjjhmikc => Key deleted successfully.
"C:\Users\Ian McQuilkin\AppData\Local\CRE\gddejphgogdngaihfpebjpmlkjjhmikc.crx" => File/Directory not found.
C:\Windows\system32\ohjd.jci => Moved successfully.
C:\Windows\system32\pssvvzt.zjj => Moved successfully.
Could not move "C:\Windows\system32\eloevi.gdp" => Scheduled to move on reboot.
C:\Windows\system32\mosh.dnb => Moved successfully.
Could not move "C:\Windows\system32\sygh.jtc" => Scheduled to move on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{609A2B6E-72BF-43EE-8C16-578A551E8C9D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{609A2B6E-72BF-43EE-8C16-578A551E8C9D} => Key deleted successfully.
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key deleted successfully.
C:\Windows\System32\rpcss.dll => Moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll
 
"C:\Users\Ian McQuilkin\AppData\Local\Temp" directory move:
 
C:\Users\Ian McQuilkin\AppData\Local\Temp\3F8F.exe => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\Attach.txt => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\au-descriptor-1.7.0_45-b18.xml => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer_2720.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer_2756.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer_2944.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer_3244.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer_3716.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer_4292.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer_4444.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer_4576.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\bitrock_installer_4872.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DDS.txt => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\dd_vcredistMSI5C25.txt => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\dd_vcredistUI5C25.txt => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\drm_dyndata_7380014.dll => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWH165E.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWH2A8A.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWH3FBE.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWH5D.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWH5FBD.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWH7BE5.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWH908.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWHB80A.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWHC293.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWHE38C.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWHECA2.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\DWHFFA5.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\etilqs_aZE5LySmwNjbO6d => Moved successfully.
Could not move "C:\Users\Ian McQuilkin\AppData\Local\Temp\etilqs_EYn0wWyaTGedupG" => Scheduled to move on reboot.
Could not move "C:\Users\Ian McQuilkin\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Ian McQuilkin\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\MSI4c1d8.LOG => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\offercast.exe => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\oobelib.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\oovoosetup.msi => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\PDApp.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\SSUF43D.tmp => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\tbVis0.dll => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\users00 => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\~DF5BC77FEBE7212773.TMP => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\{88B05038-C890-468B-A563-0015FD53CDC3}\ArcCon.dll => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\SUPERSetup\languages.txt => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\SUPERSetup\setup.db3 => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\SUPERSetup\setup.dll => Moved successfully.
Could not move "C:\Users\Ian McQuilkin\AppData\Local\Temp\Skype\DbTemp\temp-gHesfMf46c9H4e6E01WYUcl8" => Scheduled to move on reboot.
Could not move "C:\Users\Ian McQuilkin\AppData\Local\Temp\Skype\DbTemp\temp-RaVMrATsarAKhx2Fxvm78EZm" => Scheduled to move on reboot.
C:\Users\Ian McQuilkin\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\AdobeDownload\DLM.log => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\3576_17707\crl-set => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\3576_17707\manifest.fingerprint => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\3576_17707\manifest.json => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\2920_7930\crl-set => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\2920_7930\manifest.fingerprint => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\2920_7930\manifest.json => Moved successfully.
Could not move "C:\Users\Ian McQuilkin\AppData\Local\Temp" directory. => Scheduled to move on reboot.
 
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-05 16:29:08)<=
 
C:\Windows\system32\eloevi.gdp => Is moved successfully.
C:\Windows\system32\sygh.jtc => Moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\etilqs_EYn0wWyaTGedupG => Is moved successfully.
"C:\Users\Ian McQuilkin\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => File could not move.
C:\Users\Ian McQuilkin\AppData\Local\Temp\Skype\DbTemp\temp-gHesfMf46c9H4e6E01WYUcl8 => Is moved successfully.
C:\Users\Ian McQuilkin\AppData\Local\Temp\Skype\DbTemp\temp-RaVMrATsarAKhx2Fxvm78EZm => Is moved successfully.
"C:\Users\Ian McQuilkin\AppData\Local\Temp" => Directory could not move.
 
==== End of Fixlog ====


#10 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:59 PM

Posted 05 January 2014 - 07:18 PM

Hi,

 

How are the things now?

 

I want to make sure there is nothing lurking on the system so just in case I want you to go through these steps:

 

 

 

STEP 1

 

 

  • Please download RogueKiller.exe and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 2
 

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    Sbf88.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    JtwHB.png
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 3

 

 

Please download Malwarebytes Anti-Rootkit mbamicontw5.gif and save it to your desktop.

  • Be sure to print out and follow these instructions for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.

Note: Further documentation on this tool can be found in the ReadMe.rtf file which is located in the Malwarebytes Anti-Rootkit (mbar) folder.

 

 

STEP 4

 

 

1.Please download HitmanPro.

  • For 32-bit Operating System - dEMD6.gif.
  • This is the mirror - dEMD6.gif
  • For 64-bit Operating System - dEMD6.gif
  • This is the mirror - dEMD6.gif

2.Launch the program by double clicking on the 5vo5F.jpg icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

Note: If the program won't run please then open the program while holding down the left CTRL key until the program is loaded.

3.Click on the next button. You must agree with the terms of EULA. (if asked)

4.Check the box beside "No, I only want to perform a one-time scan to check this computer".

5.Click on the next button.

6.The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7.When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
 
8.Click on the next button.

9.Click on the "Save Log" button.

10.Save that file to your desktop and post the content of that file in your next reply.
 
Note: if there isn't a dropdown menu when the scan is done then please don't delete anything and close HitmanPro

Navigate to C:\ProgramData\HitmanPro\Logs open the report and copy and paste it to your next reply.

 

 

 

STEP 5

 

 

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

and then if there aren't any issues left I'll give you my final recommendations. :)

 

 

Regards,

Georgi


cXfZ4wS.png


#11 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 05 January 2014 - 08:35 PM

Hey I'm not sure whether I should delete all the entries found from  RogueKiller but here is the scan .txt http://pastebin.com/NMq3FG0p



#12 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 05 January 2014 - 08:52 PM

Here is the TDSSKILLER results http://pastebin.com/A9LzsqSz



#13 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 05 January 2014 - 09:16 PM

Before running TDSSKILLER I heard an ad play for about a second before being cut out. Just ran the malware rootkiller and it came up with no cleanup needed, here is the log. 

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.612000 GHz
Memory total: 8532635648, free: 5921525760
 
Downloaded database version: v2014.01.06.01
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
     01/05/2014 20:55:28
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\13042980.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amd_sata.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\amd_xata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\Drivers\SEP\0C01044D\0191.105\x64\SYMDS64.SYS
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\Drivers\SEP\0C01044D\0191.105\x64\SYMEFA64.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\Drivers\SEP\0C01044D\0191.105\x64\SRTSP64.SYS
\SystemRoot\system32\Drivers\SEP\0C01044D\0191.105\x64\Ironx64.SYS
\SystemRoot\system32\Drivers\SEP\0C01044D\0191.105\x64\SRTSPX64.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
\??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\VirusDefs\20140104.006\EX64.SYS
\??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\VirusDefs\20140104.006\ENG64.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\Teefer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\Drivers\SysPlant.sys
\SystemRoot\system32\Drivers\SEP\0C01044D\0191.105\x64\SYMNETS.SYS
\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\BASHDefs\20131203.011\BHDrvx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rtlh64.sys
\SystemRoot\system32\DRIVERS\asmtxhci.sys
\SystemRoot\system32\DRIVERS\usbfilter.sys
\SystemRoot\SysWOW64\drivers\Afc.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\rtl8192se.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\asmthub3.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\hcwE5bda.sys
\SystemRoot\system32\drivers\USBD.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Data\Definitions\IPSDefs\20140103.001\IDSvia64.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\sysferThunk.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\shell32.dll
\Windows\System32\gdi32.dll
\Windows\System32\kernel32.dll
\Windows\System32\ole32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\user32.dll
\Windows\System32\normaliz.dll
\Windows\System32\clbcatq.dll
\Windows\System32\sechost.dll
\Windows\System32\difxapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\wininet.dll
\Windows\System32\ws2_32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\msctf.dll
\Windows\System32\nsi.dll
\Windows\System32\shlwapi.dll
\Windows\System32\usp10.dll
\Windows\System32\urlmon.dll
\Windows\System32\iertutil.dll
\Windows\System32\Wldap32.dll
\Windows\System32\setupapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\imm32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\lpk.dll
\Windows\System32\crypt32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\devobj.dll
\Windows\System32\comctl32.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007d92060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000073\
Lower Device Object: 0xfffffa8007ae1060
Lower Device Driver Name: \Driver\amd_sata\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007d92060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007d92b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007d92060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007ae5040, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa8007ae1060, DeviceName: \Device\00000073\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 167F0D36
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 976564224
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_2048_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished


#14 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 05 January 2014 - 09:35 PM

Have not heard a thing!

 

HitmanPro 3.7.8.208
www.hitmanpro.com
 
   Computer name . . . . : IANMCQUILKIN-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : IanMcQuilkin-PC\Ian McQuilkin
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Trial (27 days left)
 
   Scan date . . . . . . : 2014-01-05 21:23:19
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 13s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 578
 
   Objects scanned . . . : 1,510,754
   Files scanned . . . . : 51,545
   Remnants scanned  . . : 490,484 files / 968,725 keys
 
Suspicious files ____________________________________________________________
 
   C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\BF4\pb\PnkBstrK.sys
      Size . . . . . . . : 139,552 bytes
      Age  . . . . . . . : 36.9 days (2013-11-30 00:45:31)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 7A47CB7814643DAFDF81D3E2E03C60A162A49525962ECE651187371853E507E5
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbcl.dll
      Size . . . . . . . : 966,976 bytes
      Age  . . . . . . . : 21.9 days (2013-12-14 23:48:22)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : CF6376BB6F71B328810D8FB2B296D0C64FFE8A745E049CF4C56B5E8B0BC1A10B
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.
      Forensic Cluster
         -10.9s C:\Ubisoft\Ghost Recon Online\NCSA-Live\Sound.ini
         -0.0s C:\Ubisoft\Ghost Recon Online\NCSA-Live\pb\pbcl.db
         -0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\
         -0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\
         -0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbclgame.cfg
         -0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbcl.db
          0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbcl.dll
          0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbag.dll
          0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\scrnshot\
          0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\dll\
          0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\htm\
          0.3s C:\Ubisoft\Ghost Recon Online\NCSA-Live\KeyMappingsPC.ini
          1.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\PnkBstrB.exe
          1.1s C:\Ubisoft\Ghost Recon Online\NCSA-Live\YetiShadersPC2_bak.sdf
          1.6s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbns_c.dat
          4.4s C:\Windows\SysWOW64\PnkBstrB.xtr
         13.7s C:\Ubisoft\Ghost Recon Online\NCSA-Live\GeneralOption.ini
         16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\PnkBstrK.sys
         17.5s C:\Ubisoft\Ghost Recon Online\NCSA-Live\gro.cache.ucc
 
   C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\PnkBstrK.sys
      Size . . . . . . . : 139,056 bytes
      Age  . . . . . . . : 21.9 days (2013-12-14 23:48:38)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : C6453FC702DF94D88937961A8D5BE0D84E250396F313AB0C207673B4BD95F15F
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
      Forensic Cluster
         -27.4s C:\Ubisoft\Ghost Recon Online\NCSA-Live\Sound.ini
         -16.4s C:\Ubisoft\Ghost Recon Online\NCSA-Live\pb\pbcl.db
         -16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\
         -16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\
         -16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbclgame.cfg
         -16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbcl.db
         -16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbcl.dll
         -16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbag.dll
         -16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\scrnshot\
         -16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\dll\
         -16.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\htm\
         -16.2s C:\Ubisoft\Ghost Recon Online\NCSA-Live\KeyMappingsPC.ini
         -15.4s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\PnkBstrB.exe
         -15.4s C:\Ubisoft\Ghost Recon Online\NCSA-Live\YetiShadersPC2_bak.sdf
         -14.8s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\pbns_c.dat
         -12.0s C:\Windows\SysWOW64\PnkBstrB.xtr
         -2.7s C:\Ubisoft\Ghost Recon Online\NCSA-Live\GeneralOption.ini
          0.0s C:\Users\Ian McQuilkin\AppData\Local\PunkBuster\GRO\pb\PnkBstrK.sys
          1.1s C:\Ubisoft\Ghost Recon Online\NCSA-Live\gro.cache.ucc
 
 
Potential Unwanted Programs _________________________________________________
 
   C:\Program Files (x86)\Conduit\ (Conduit)
   C:\Program Files (x86)\Conduit\Community Alerts\ (Conduit)
   C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (Conduit)
      Size . . . . . . . : 638,560 bytes
      Age  . . . . . . . : 96.5 days (2013-10-01 09:03:38)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : F22E58CDFE94D4A5FBBF2795A743B167ED9923E289E14654631E0077DD306C1D
      Product  . . . . . : Alert
      Publisher  . . . . : Conduit Ltd.
      Description  . . . : Alert
      Version  . . . . . : 1.1.4.1
      Copyright  . . . . : Copyright © Conduit Ltd. 2011.
      RSA Key Size . . . : 1024
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -7.0
 
   C:\Program Files (x86)\Conduit\CT3318920\plugins\ (Conduit)
   C:\Program Files (x86)\Conduit\CT3318920\plugins\TBVerifier.dll (Conduit)
      Size . . . . . . . : 287,008 bytes
      Age  . . . . . . . : 142720.0 days (1623-04-05 22:27:19)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 5C5DBD34B29166AFD819358EEBE522E3562816D08E721965B0005128D8A8B1C4
      Product  . . . . . : Conduit Toolbar Verifier
      Publisher  . . . . : Conduit Ltd.
      Description  . . . : Conduit Toolbar Verifier
      Version  . . . . . : 1.0.6.0
      Copyright  . . . . : Copyright © 2013 All Rights Reserved
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -7.0
 
   C:\Program Files (x86)\Mobogenie\ (Rocketfuel)
   C:\Program Files (x86)\Mobogenie\mgusb.exe (Rocketfuel)
      Size . . . . . . . : 88,256 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:54:03)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : AD59BA08A3C4828E5B1129903FDCCD5E28F5D430A960A9CC417BBB678ED90076
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
      Forensic Cluster
          0.0s C:\Program Files (x86)\Mobogenie\mgusb.exe
          0.0s C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\mgusb.exe.vir
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\aapt.exe (Rocketfuel)
      Size . . . . . . . : 852,160 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : DF39103525D353F7AA5834543CC0F87190FABB8FE6BE238CEC7C1DBB626C5D1D
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\AutoItX3.dll (Rocketfuel)
      Size . . . . . . . : 325,376 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : B53A2FC2E9DB2C061E271554B7DC5008BCE2E375B9D20EECC25826AE169F2927
      Product  . . . . . : AutoIt v3 ActiveX Control
      Publisher  . . . . : AutoIt Team
      Description  . . . : AutoIt v3 ActiveX Control
      Version  . . . . . : 3.3.8.1
      Copyright  . . . . : ©1999-2012 Jonathan Bennett & AutoIt Team
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -6.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\AutoItX3_x64.dll (Rocketfuel)
      Size . . . . . . . : 382,208 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : 64B60C192709CE3F0F96673146997D616B407E982F96A1F10350D9D22D5F7102
      Product  . . . . . : AutoIt v3 ActiveX Control
      Publisher  . . . . : AutoIt Team
      Description  . . . : AutoIt v3 ActiveX Control
      Version  . . . . . : 3.3.8.1
      Copyright  . . . . : ©1999-2012 Jonathan Bennett & AutoIt Team
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -6.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\CrashReport.exe (Rocketfuel)
      Size . . . . . . . : 460,480 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : F7EC39471DEFB4BE93B7B8B465F556FF914CEBFBD040386EEC2B940163C1A257
      Product  . . . . . :  CrashReport
      Publisher  . . . . : Changyou.com limited
      Description  . . . : CrashRepoprt
      Version  . . . . . : 0.0.1.8
      Copyright  . . . . : (C) 2008-2012 Changyou.com Limited.All Rights Reserved
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -6.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\CrashRpt.dll (Rocketfuel)
      Size . . . . . . . : 111,296 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : E3BF0A444BEE9D2BB1522F9AA6233CE8819D3742DA9CC2223A179F15700CA103
      Product  . . . . . : TODO: <Product name>
      Publisher  . . . . : changyou
      Description  . . . : CrashReport动态版本
      Version  . . . . . : 0.0.1.8
      Copyright  . . . . : Copyright (C) 2012
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -6.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\DaemonProcess.exe (Rocketfuel)
      Size . . . . . . . : 761,024 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : 6E8BB755E04972DEDD627C90ED29BF9E3AF267838CAC8862EE28974758C8F739
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\devcon_x64.exe (Rocketfuel)
      Size . . . . . . . : 85,696 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 5.1
      SHA-256  . . . . . : 6326091F6EED13FD809A4F76386B91B06BDF4527F7F817E1EFF225D9AABE791A
      Product  . . . . . : Microsoft® Windows® Operating System
      Publisher  . . . . : Microsoft Corporation
      Description  . . . : Windows Setup API
      Version  . . . . . : 6.1.7600.16385
      Copyright  . . . . : © Microsoft Corporation. All rights reserved.
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -6.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\devcon_x86.exe (Rocketfuel)
      Size . . . . . . . : 81,600 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 5.2
      SHA-256  . . . . . : F813ED582075E16349472570F25999ED9F5B43FC7B91A2138003FCFA0B886F07
      Product  . . . . . : Microsoft® Windows® Operating System
      Publisher  . . . . : Microsoft Corporation
      Description  . . . : Windows Setup API
      Version  . . . . . : 6.1.7600.16385
      Copyright  . . . . : © Microsoft Corporation. All rights reserved.
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -6.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\DriverInstall_x64.exe (Rocketfuel)
      Size . . . . . . . : 322,752 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : 2E741E1172D7A389B4419EB4DD5234C8614E78A9B3D638CC3E11C59F01431510
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\DriverInstall_x86.exe (Rocketfuel)
      Size . . . . . . . : 271,040 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : 9EEFD0D19D57226A90A7EFB23A8A46FE19B8962CB6761D35AC992EA76F6A2A96
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\imageformats\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\imageformats\qgif4.dll (Rocketfuel)
      Size . . . . . . . : 26,624 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.0
      SHA-256  . . . . . : 8DB40AF7DB8905F8A8D09B47F4DDD92DA98D43339E0ED1A8DED16F5DCB4435A7
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\imageformats\qico4.dll (Rocketfuel)
      Size . . . . . . . : 28,672 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 012BA162D24775627826794A8AACD0DC42BCFE15A4A134D42E268F1A6601FB09
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\imageformats\qjpeg4.dll (Rocketfuel)
      Size . . . . . . . : 201,216 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 3F51A82CE27FEBC2B411925A449B9D3B8EF91D081D61559A580389306AF22D77
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\imageformats\qmng4.dll (Rocketfuel)
      Size . . . . . . . : 222,208 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : 76E6DB525229610BD7D7660E9B9BAC3B2756C92132152E5078F7D7E2E78C0640
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\imageformats\qsvg4.dll (Rocketfuel)
      Size . . . . . . . : 21,504 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 5.9
      SHA-256  . . . . . : 3611EF453FF5F99B738B22C92C90C1EE2F5C98D6E2B1B5F2828C080A7B469894
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\imageformats\qtga4.dll (Rocketfuel)
      Size . . . . . . . : 19,968 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 5.9
      SHA-256  . . . . . : DF6C56AA679B05CD0F2C9BD58574B1AE9D3E9A304FDA8591999216FF9C357356
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\imageformats\qtiff4.dll (Rocketfuel)
      Size . . . . . . . : 287,232 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 5.6
      SHA-256  . . . . . : 617F7E64A0AEFDD162A8E4747344F7ABD7D05A631FC3B14A7647B5C7B678285A
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\libeay32.dll (Rocketfuel)
      Size . . . . . . . : 1,178,624 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.8
      SHA-256  . . . . . : B2F7887AE0BD418724EB32D3449197551A0895F2C764A933A7BD984F187EAB78
      Product  . . . . . : The OpenSSL Toolkit
      Publisher  . . . . : The OpenSSL Project, http://www.openssl.org/
      Description  . . . : OpenSSL Shared Library
      Version  . . . . . : 1.0.1e
      Copyright  . . . . : Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\lsusb.exe (Rocketfuel)
      Size . . . . . . . : 36,544 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : 12FED85F536958102DC22C103FD5E3C4CE35653DB22A3C0137FAF28086D35CAE
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\mgadb.exe (Rocketfuel)
      Size . . . . . . . : 4,356,616 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 5.9
      SHA-256  . . . . . : EE20DFA59A8AD5F2DACAF2A6C13EC23B97A38E65F675E62803711DC0F6560B5B
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\mgusb.exe (Rocketfuel)
      Size . . . . . . . : 88,256 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : AD59BA08A3C4828E5B1129903FDCCD5E28F5D430A960A9CC417BBB678ED90076
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\Mobogenie.exe (Rocketfuel)
      Size . . . . . . . : 7,152,832 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 5.9
      SHA-256  . . . . . : 2890D9843528AAEDDF752E40BF14D0AC7E47E7C325BA4469D77F7342DE352223
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\nengine.dll (Rocketfuel)
      Size . . . . . . . : 1,283,584 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 63EB9F4A508FD03CC44DB0B761FAF5986CC8A7C9947ADFD957D1A28FB956DDBC
      Product  . . . . . : nengine 
      Publisher  . . . . : NewNextDotMe
      Description  . . . : NewNext Helper Engine
      Version  . . . . . : 0.3.2.0
      Copyright  . . . . : Copyright (C) 2013
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\OutlookOperatorC.exe (Rocketfuel)
      Size . . . . . . . : 579,776 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 5.6
      SHA-256  . . . . . : 872D989A96810CD1516748D503296347BE6C82751E4F3249A9D1DD15DAA1B114
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\phonon4.dll (Rocketfuel)
      Size . . . . . . . : 270,848 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 9D356212E9FA05A72B377C169E9AB5DAF4F6D300F744F164343970666D66DA80
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.4.0.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\phonon_backend\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\phonon_backend\phonon_ds94.dll (Rocketfuel)
      Size . . . . . . . : 197,120 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : C7F8DD0B0CBA135EEE6C145C10D041C4463A81E11FB965F2DA6D931CF28A257D
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\QtCore4.dll (Rocketfuel)
      Size . . . . . . . : 2,576,384 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : 182C0AB9EA5948E2F71A04CFAFCC352213F82B9FCE6A4FE373AF61108C196177
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\QtGui4.dll (Rocketfuel)
      Size . . . . . . . : 8,571,392 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 9E4B5D153FD6B1FFAD6F8585D74E4EBFFD38BA45454E5BBE169ACC5E5929F8BD
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\QtNetwork4.dll (Rocketfuel)
      Size . . . . . . . : 1,052,160 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : D5723C58E349E855E6EB6235FFB298F6357AA01C4A825E686891F6B5BF24A53B
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\QtSql4.dll (Rocketfuel)
      Size . . . . . . . : 201,728 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : A6B038FEFB6A48B76DF34F8628D08DE5CEB1E9E105993CB2570CEA7A1C243B25
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\QtWebKit4.dll (Rocketfuel)
      Size . . . . . . . : 13,109,248 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 1C70723E7D34DEA0BDCB53F15EC7E0C34643EE6C293773465E2934C9BE2EF86D
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.9.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\shortcut.ico (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\sqldrivers\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\sqldrivers\qsqlite4.dll (Rocketfuel)
      Size . . . . . . . : 470,528 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 007FD69560CDDBC60F264EBC3DF7E8D9E3BFB4F66E227DE114E48B6685E0EF15
      Product  . . . . . : Qt4
      Publisher  . . . . : Nokia Corporation and/or its subsidiary(-ies)
      Description  . . . : C++ application development framework.
      Version  . . . . . : 4.8.3.0
      Copyright  . . . . : Copyright (C) 2012 Nokia Corporation and/or its subsidiary(-ies).
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\ssleay32.dll (Rocketfuel)
      Size . . . . . . . : 269,824 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:20)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 1E6FB714037D30A6809AC7D1A46F63A8BB858BF33C97AFAA3DDA0D42C337DDEC
      Product  . . . . . : The OpenSSL Toolkit
      Publisher  . . . . : The OpenSSL Project, http://www.openssl.org/
      Description  . . . : OpenSSL Shared Library
      Version  . . . . . : 1.0.1e
      Copyright  . . . . : Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.
      Fuzzy  . . . . . . : 1.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\benchmarks\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\benchmarks\compileBench.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\benchmarks\jslitmus.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\benchmarks\templatesBench.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\benchmarks\templating\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\benchmarks\templating\doT.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\benchmarks\templating\doU.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\doT.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\doT.min.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\doU.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\examples\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\examples\customdoT.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\examples\withdoT.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\index.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\test\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\test\testdoT.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\libraries\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\libraries\bootstrap-typeahead.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\libraries\doT.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\libraries\ejs.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\libraries\ejs_production.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\libraries\jquery-1.8.3.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\libraries\jquery.prettyPhoto.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\libraries\undercore.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\language.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\language.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\barball.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\iframe.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\picture.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\video.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\welcome.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna\window.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface\interface_app.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface\interface_contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface\interface_download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface\interface_downloadCenter.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface\interface_image.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface\interface_message.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface\interface_vedio.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface\moduleInteface.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\backbone.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\bootstrap-typeahead.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\doT.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\ejs.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\eventProxy.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\jcarousellite.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\jquery-1.8.3.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\jquery.jtips.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\jquery.prettyPhoto.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\require.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib\undercore.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\app_common.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\app_main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\app_nav.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\app_right.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\app_temp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\local_main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\system_main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\update_main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app\update_model.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\contact\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\contact\contact.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\contact\contact_letter.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\contact\contact_temp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\download\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\download\download_common.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\download\download_dialog_common.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\download\download_dialog_main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\download\download_dialog_nav.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\download\download_main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\download\download_nav.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\download\download_temp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\driver\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\driver\driver.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\driver\PicSlider.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\image\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\image\image_common.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\image\image_main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\image\image_nav.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\image\image_temp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\message_common.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\message_main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\message_main_uc.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\message_main_weinan.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\message_nav.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\message_nav_uc.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\MESSAGE_NEW.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\message_right.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\message_right_uc.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\message_temp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message\messageDialog.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\music.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\subject\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\subject\subject.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\subject\subject_temp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\ui\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\ui\menu.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\ui\super_grid.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\vedio\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\vedio\vedio_common.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\vedio\vedio_main.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\vedio\vedio_nav.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\vedio\vedio_temp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\vedio\video_temp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp\appTemp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp\contactTemp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp\downloadTemp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp\imageTemp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp\messageTemp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp\musicTemp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp\vedioTemp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp\videoTemp.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\pb\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\pb\config.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\DB.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\DeviceUtil.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\dialog.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\dialog_pop.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\domain_config.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\EventProxyCenter.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\I18nUtil.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\log.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\module.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\navigation.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\prograss.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\PropertyUtil.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\search.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util\util.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\welcome\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\welcome\sysCallback.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\welcome\welcome_ok.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\dialog\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\dialog\backup_all.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\dialog\restore_all.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\category_switch.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\download_animate.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\iframe_download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\loading.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\lottery.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\recommed.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\recommend2.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\recommend3.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\recommendForNew.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\appTab.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\gameTab.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\genieTab.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\homeTab.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\imageTab.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\musicTab.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\phoneTab.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\vedioTab.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\connect\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\connect\connect.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\download\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\download\download.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\download\download_collection.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\download\download_model.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\download\download_view.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\notice\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\notice\notice.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\webnotify.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\uninst.exe (Rocketfuel)
      Size . . . . . . . : 130,923 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:21)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : F8C356801FE7ACE93D90AB330440FD5D5C841455B57166ABAA284DDD527E3C23
      Fuzzy  . . . . . . : 11.0
 
   C:\Users\Ian McQuilkin\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\UpdateMoboGenie.exe (Rocketfuel)
      Size . . . . . . . : 661,184 bytes
      Age  . . . . . . . : 20.9 days (2013-12-15 23:55:21)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : FD31A325BBF3FC9AA35743B1DA58A749875ACBA01B2679FA9EECFAB214021286
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 0.0
 
   C:\Users\Ian McQuilkin\AppData\LocalLow\AskToolbar\ (AskBar)
   C:\Users\Ian McQuilkin\AppData\LocalLow\Conduit\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\LocalLow\Conduit\Community Alerts\Dialogs\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\ (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\LocalLow\Conduit\Community Alerts\Dialogs\DialogsAPI.js (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\LocalLow\Conduit\Community Alerts\Dialogs\PIE.htc (Rocketfuel)
   C:\Users\Ian McQuilkin\AppData\LocalLow\Conduit\Community Alerts\Dialogs\settings.js (Rocketfuel)
   C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar)
   C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1033.MST (AskBar)
   C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe (AskBar)
      Size . . . . . . . : 147,456 bytes
      Age  . . . . . . . : 369.1 days (2013-01-01 18:30:41)
      Entropy  . . . . . : 3.4
      SHA-256  . . . . . : 49196C084270884F650DECDD524918D262CD6D8442E16B0C41AB21B1E7DA628F
      Product  . . . . . : InstallShield
      Publisher  . . . . : Acresso Software Inc.
      Description  . . . : InstallShield
      Version  . . . . . : 16.0.328
      Copyright  . . . . : Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.
      Fuzzy  . . . . . . : 0.0
 
   HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1\ (AskBar)
   HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\ (AskBar)
   HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar)
   HKLM\SOFTWARE\Classes\s\ (Softonic)
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}\ (Rocketfuel)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd\ (Rocketfuel)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Conduit\ (Rocketfuel)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd\ (Rocketfuel)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mobilegeni daemon (Rocketfuel)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar)
   HKU\.DEFAULT\Software\AskToolbar\ (AskBar)
   HKU\S-1-5-18\Software\AskToolbar\ (AskBar)
   HKU\S-1-5-21-93037906-805889245-3321811474-1000\Software\AppDataLow\Software\SmartBar\ (Conduit)
   HKU\S-1-5-21-93037906-805889245-3321811474-1000\Software\Ask.com\ (AskBar)
   HKU\S-1-5-21-93037906-805889245-3321811474-1000\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-93037906-805889245-3321811474-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
 
Cookies _____________________________________________________________________
 
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pointroll.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.atdmt.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:c1.atdmt.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:chitika.net
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:mm.chitika.net
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:network.realmedia.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:pool-eu-ie.creative-serving.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:realmedia.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.adotube.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:timeinc.122.2o7.net
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com
   C:\Users\Ian McQuilkin\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Cookies\CLUN3EH5.txt
   C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Cookies\CTD0J6UZ.txt
   C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Cookies\IHMIU367.txt
   C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Cookies\J5AH1W4L.txt
   C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Cookies\MROZP6DO.txt
   C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Cookies\OH01IJ0O.txt
   C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Cookies\QE0U0FIR.txt
   C:\Users\Ian McQuilkin\AppData\Roaming\Microsoft\Windows\Cookies\SZR5T9UQ.txt
 
 


#15 iman1323

iman1323
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:59 AM

Posted 05 January 2014 - 09:37 PM

 Results of screen317's Security Check version 0.99.78  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Symantec Endpoint Protection   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 17  
 Java version out of Date! 
 Adobe Flash Player 11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox 24.0 Firefox out of Date!  
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users