Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bee Coupons - can't find a removal option that works on my PC


  • This topic is locked This topic is locked
10 replies to this topic

#1 JoeyRobertParks

JoeyRobertParks

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:00 AM

Posted 19 February 2014 - 06:17 PM

** I sent this and posted it on bleepingcomputer.com on Feb 19 **
 
Like others before me, I've got the nasty Bee Coupon affecting Google Chrome by underlining words on my pages and popping up adverts on the bottom and right corner of the screen every now and again. It's also massively slowing down browser windows open to a crawl. 
 
I've tried every solution checklist I can find, but to no avail. Automated programs don't seem to run on my Windows 7, 64-bit system. I've run CCleaner, Mallwarebytes (installed after the infection), and I have Norton360. I'm at my wit's end, but prepared to follow someone's exact instructions to see if we can get rid of this thing. The most I've managed to accomplish is to get it grayed out on my list of Google Chrome extensions, but I can't remove or delete it. Oh, now it's not grayed out anymore. Hmmm...I even went so far as to reset Chrome to the default setting. It was a last resort, but the darn thing is still there under extensions. I need to know 100% that this thing is gone. I've been seeing pop ups that don't have any 'bee coupons' listed on them, so maybe I have another infection I'm unaware of?
 
I'll patiently away the assistance of a kind soul who's eager to help make my day!
 
But first, the dds.txt log:
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by WordsmithLLC at 16:02:59 on 2014-02-19
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16071.12725 [GMT -7:00]
.
AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.24\AsusFanControlService.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files\Bonjour\mDNSResponder.exe
Y:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
Y:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
Y:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
Y:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\Norton One\Engine\3.2.2.12\ccSvcHst.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
F:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Y:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton One\Engine\3.2.2.12\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Y:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\WordsmithLLC\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Users\WordsmithLLC\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
Y:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
C:\Users\WordsmithLLC\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
Y:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
Y:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Z:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\splwow64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - Y:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll
TB: Net Reader: {FEEEB9C2-E466-4A83-876C-6FD2DDF1A3D1} - Y:\Program Files (x86)\AudioBookCreator.com\netReader.dll
uRun: [Akamai NetSession Interface] "C:\Users\WordsmithLLC\AppData\Local\Akamai\netsession_win.exe"
uRun: [Google Update] "C:\Users\WordsmithLLC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
uRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
uRun: [Spotify Web Helper] "C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
mRun: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
mRun: [TrueImageMonitor.exe] "Y:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [Acrobat Assistant 8.0] "Y:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "Z:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRun: [Norton Download Manager{N360P211018-SHPD-FSD40014}] C:\Program Files (x86)\Norton One\Engine\3.2.2.12\ccSvcHst.exe /m
StartupFolder: C:\Users\WORDSM~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\WordsmithLLC\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - Y:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Clip Image - C:\Users\WordsmithLLC\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Users\WordsmithLLC\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Users\WordsmithLLC\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Users\WordsmithLLC\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: New Note - C:\Users\WordsmithLLC\AppData\Local\Apps\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - Y:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - y:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - Y:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {62789780-B744-11D0-986B-00609731A21D} - hxxp://www.fcd.maricopa.gov/maps/gismaps/plugin/mgaxctrl6.5.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{06C430C5-F757-4CC7-AC0C-8B069CA0DEBB} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{84987090-AFB0-412F-A4ED-1F7B6C55AED5} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{84987090-AFB0-412F-A4ED-1F7B6C55AED5}\2656C6B696E6E2231353 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - Y:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /DTSU2P 
x64-Run: [LogMeIn GUI] "Y:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 54.225.95.126 gcbkfpidjhchgnokamccdemjfamackdh
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2012-12-23 155272]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-8-28 16152]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys [2013-11-18 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2013-11-18 1147480]
R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2012-12-23 1093256]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2012-12-23 228488]
R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2012-12-23 166024]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-2-18 1526488]
R1 ccSet_MCLIENT;Norton One Settings Manager;C:\Windows\System32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [2013-11-18 168096]
R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2013-11-18 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140218.001\IDSviA64.sys [2014-2-18 521944]
R1 ndisrd;WinpkFilter LightWeight Filter;C:\Windows\System32\drivers\ndisrd.sys [2012-9-22 32360]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys [2013-11-18 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2013-11-18 590936]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-12-23 3696632]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2011-10-28 918448]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-2-2 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2012-9-22 586880]
R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.24\AsusFanControlService.exe [2012-9-22 1489024]
R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2014-2-9 181760]
R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2014-2-9 55296]
R2 DeviceMonitorService;DeviceMonitorService;Y:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2011-9-19 87368]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2011-6-5 296808]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-8-28 225280]
R2 GJServiceV5;Game Jackal Server v5;Y:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe [2014-2-16 4502200]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-28 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-8-28 178344]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-8-28 161560]
R2 LMIGuardianSvc;LMIGuardianSvc;Y:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2013-10-14 376144]
R2 LMIInfo;LogMeIn Kernel Information Provider;Y:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2013-4-30 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2013-10-17 72216]
R2 MBAMScheduler;MBAMScheduler;Y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-19 418376]
R2 MBAMService;MBAMService;Y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-19 701512]
R2 MCLIENT;Norton One;C:\Program Files (x86)\Norton One\Engine\3.2.2.12\ccSvcHst.exe [2013-11-18 143928]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2013-11-18 264360]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-7-26 216080]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe [2012-8-28 123320]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe [2012-8-28 126392]
R2 QuickBooksDB17;QuickBooksDB17;F:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 --> F:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 [?]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2014-2-9 291352]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-8-18 7017888]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-28 363800]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2012-12-23 367200]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-26 137648]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-9-22 169752]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2010-8-17 26136]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-10-28 449496]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-8-28 355096]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-8-28 786200]
R3 MaplomL;MaplomL;C:\Windows\System32\drivers\maploml.sys [2014-2-16 60472]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-19 25928]
R3 TotRec8;Total Recorder WDM audio filter driver;C:\Windows\System32\drivers\TotRec8.sys [2012-8-28 123152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-2-13 2151200]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 DbusAudio;DbusAudio;C:\Windows\System32\drivers\DbusAudio.sys [2014-1-6 34040]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-2-3 17480]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-2-3 9800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]
S3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2011-4-4 21504]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-29 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-29 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-29 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2012-9-24 16384]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-28 1255736]
S3 WsAudio_Device(1);WsAudio_Device(1);C:\Windows\System32\drivers\VirtualAudio1.sys [2014-1-6 31080]
S3 WsAudio_Device(2);WsAudio_Device(2);C:\Windows\System32\drivers\VirtualAudio2.sys [2014-1-6 31080]
S3 WsAudio_Device(3);WsAudio_Device(3);C:\Windows\System32\drivers\VirtualAudio3.sys [2014-1-6 31080]
S3 WsAudio_Device(4);WsAudio_Device(4);C:\Windows\System32\drivers\VirtualAudio4.sys [2014-1-6 31080]
S3 WsAudio_Device(5);WsAudio_Device(5);C:\Windows\System32\drivers\VirtualAudio5.sys [2014-1-6 31080]
.
=============== File Associations ===============
.
FileExt: .js: JSFile="y:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe" "%1"
.
=============== Created Last 30 ================
.
2014-02-19 22:43:07 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-19 21:24:32 -------- d-----w- C:\Windows\ERUNT
2014-02-19 21:18:07 -------- d-----w- C:\Program Files\CCleaner
2014-02-19 19:51:08 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2014-02-19 19:49:29 -------- d-----w- C:\Intel
2014-02-19 19:42:40 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2014-02-19 16:53:37 -------- d-----w- C:\Windows\Lhsp
2014-02-19 06:01:38 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-02-19 06:01:37 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4598EC53-E9D2-468D-A81F-EB41E479451F}\mpengine.dll
2014-02-19 05:55:38 -------- d-----w- C:\Users\WordsmithLLC\AppData\Roaming\DigitalSites
2014-02-17 02:37:36 -------- d-----w- C:\ProgramData\boost_interprocess
2014-02-17 02:34:30 -------- d-----w- C:\AdwCleaner
2014-02-17 00:24:37 -------- d-----w- C:\Users\WordsmithLLC\AppData\Local\DOSBox
2014-02-16 23:42:05 60472 ----a-w- C:\Windows\System32\drivers\maploml.sys
2014-02-16 23:42:05 35384 ----a-w- C:\Windows\System32\drivers\maplom.sys
2014-02-16 23:22:34 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys
2014-02-16 23:13:40 239616 ----a-w- C:\Windows\SysWow64\Hdk3ctnt.dll
2014-02-15 18:48:18 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared
2014-02-15 05:10:40 -------- d-----w- C:\Users\WordsmithLLC\AppData\Roaming\Youtube Downloader HD
2014-02-13 19:12:23 34080 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2014-02-13 19:12:05 121856 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll
2014-02-13 18:24:18 -------- d-----w- C:\ProgramData\ProductData
2014-02-13 18:24:17 -------- d-----w- C:\Program Files (x86)\IObit
2014-02-13 18:24:08 -------- d-----w- C:\ProgramData\IObit
2014-02-13 18:24:08 -------- d-----w- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-13 18:23:39 -------- d-----w- C:\Users\WordsmithLLC\AppData\Roaming\IObit
2014-02-12 09:05:35 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-10 08:03:54 -------- d-----w- C:\Program Files\Common Files\Microsoft
2014-02-10 08:03:54 -------- d-----w- C:\Program Files\AdwareRemovalToolv3.7
2014-02-10 07:16:21 -------- d-----w- C:\ProgramData\VideoDownloaderUltimate
2014-02-10 03:57:55 -------- d-----w- C:\ProgramData\Belkin
2014-02-10 03:57:55 -------- d-----w- C:\Program Files\Belkin
2014-02-10 03:57:34 291352 ----a-w- C:\Windows\System32\drivers\sxuptp.sys
2014-02-10 03:57:26 -------- d-----w- C:\ProgramData\Affinegy
2014-02-10 03:57:26 -------- d-----w- C:\Program Files (x86)\Belkin
2014-02-08 06:51:40 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2014-02-08 06:51:31 98304 ----a-w- C:\Windows\SysWow64\L3CODECX.AX
2014-02-08 06:51:31 82944 ----a-w- C:\Windows\SysWow64\vct3216.acm
2014-02-08 06:51:31 81920 ----a-w- C:\Windows\SysWow64\AC3ACM.acm
2014-02-08 06:51:31 524288 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2014-02-08 06:51:31 413760 ----a-w- C:\Windows\SysWow64\mpg4c32.dll
2014-02-08 06:51:31 38912 ----a-w- C:\Windows\SysWow64\alf2cd.acm
2014-02-08 06:51:31 261632 ----a-w- C:\Windows\SysWow64\mcdvd_32.dll
2014-02-08 06:51:31 221215 ----a-w- C:\Windows\SysWow64\divxdec.ax
2014-02-08 06:51:31 139264 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
2014-02-08 06:51:31 13239 ----a-w- C:\Windows\SysWow64\Scg726.acm
2014-02-06 17:16:38 -------- d-----w- C:\Users\WordsmithLLC\AppData\Roaming\HD Youtube Downloader Free
2014-02-05 22:35:00 -------- d-----w- C:\Users\WordsmithLLC\AppData\Roaming\InqScribe
2014-01-28 17:12:15 -------- d-----w- C:\Program Files\iPod
2014-01-28 17:12:13 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-28 17:12:13 -------- d-----w- C:\Program Files\iTunes
2014-01-26 17:48:14 -------- d-----w- C:\Program Files (x86)\Plex
2014-01-24 20:40:53 -------- d-----w- C:\Users\WordsmithLLC\AppData\Local\Plex Media Server
.
==================== Find3M  ====================
.
2014-02-19 22:53:41 1048576 ----a-w- C:\Windows\PE_Rom.dll
2014-02-07 06:11:32 275360 ----a-w- C:\Windows\System32\DreamScene.dll
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-05 09:18:51 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 09:18:51 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-28 02:54:29 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2014-01-28 02:54:28 92488 ----a-w- C:\Windows\System32\LMIinit.dll
2014-01-28 02:54:28 35656 ----a-w- C:\Windows\System32\LMIport.dll
2014-01-14 19:59:41 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-06 19:23:36 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-18 13:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-17 02:53:43 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-04 16:00:15 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-12-04 16:00:15 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll
2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-26 15:41:58 630272 ----a-w- C:\Windows\SysWow64\tsccvid64.dll
2013-11-26 15:41:58 602624 ----a-w- C:\Windows\SysWow64\tsccvid.dll
2013-11-26 11:40:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys
2013-11-26 08:16:50 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-22 22:48:21 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2012-09-15 22:47:56 84480 ----a-w- C:\Program Files\DirLinker.exe
.
============= FINISH: 16:03:07.37 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 JoeyRobertParks

JoeyRobertParks
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:00 AM

Posted 19 February 2014 - 06:20 PM

My apologies for the note in the first line about when I posted this. That was just my note and I accidental left it there. Also, the double attached files, also a mistake. I couldn't get the darned thing to post. All those browser problems I had above. Including a fairly constant notice that sites are offline when they aren't. I'm sure the BEE has something to do with this...  :devil:



#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:00 AM

Posted 19 February 2014 - 10:44 PM





Hello JoeyRobertParks

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 JoeyRobertParks

JoeyRobertParks
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:00 AM

Posted 20 February 2014 - 11:18 AM

Hello Gringo!

Thanks for your help.

 

Please clarify how you would like to me to supply you with the Addition.txt after I've run the Farbar Recovery Scan Tool, because the end of your post says, "Please attach it to your reply" (which I take to mean attach the file by uploading it as an attached file), but earlier in the post it says, "Please do not attach logs or use code boxes, just copy and paste the text."  Whatever you want I will do. 

 

Thanks!

 

Joey

 

 



#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:00 AM

Posted 20 February 2014 - 01:09 PM

For that document you may do which ever you choose - I will look at it later for something very specific so for that report it does not bother me if it is attached

gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 JoeyRobertParks

JoeyRobertParks
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:00 AM

Posted 20 February 2014 - 03:07 PM

Gringo,

 

1.  Here's the FRST.txt results of the FarBar Recovery Scan Tool:

 

2.  I've posted the Addition.txt results after that.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-02-2014
Ran by WordsmithLLC (administrator) on WORDSMITHLLC-PC on 20-02-2014 12:59:12
Running from C:\Users\WordsmithLLC\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.24\AsusFanControlService.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) Y:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
() Y:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(LogMeIn, Inc.) Y:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) Y:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(Symantec Corporation) C:\Program Files (x86)\Norton One\Engine\3.2.2.12\ccSvcHst.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(iAnywhere Solutions, Inc.) F:\Program Files\Intuit\Quickbooks 2007\QBDBMgrN.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) Y:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton One\Engine\3.2.2.12\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(Malwarebytes Corporation) y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(LogMeIn, Inc.) Y:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Akamai Technologies, Inc.) C:\Users\WordsmithLLC\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Spotify Ltd) C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Akamai Technologies, Inc.) C:\Users\WordsmithLLC\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Audible, Inc.) Y:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(Dropbox, Inc.) C:\Users\WordsmithLLC\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
(Acronis) Y:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Adobe Systems Inc.) Y:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) Z:\Program Files (x86)\iTunes\iTunesHelper.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Spotify Ltd) C:\Users\WordsmithLLC\AppData\Roaming\Spotify\spotify.exe
() C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) Y:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IVONA Software Sp. z o.o.) C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe
(IVONA Software Sp. z o.o.) C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6457960 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [LogMeIn GUI] - Y:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-04-30] (LogMeIn, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2011-10-31] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] - C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [930304 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - Y:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6010264 2012-08-23] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [941440 2012-07-24] (Acronis)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - Y:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-20] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - Z:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [InstaLAN] - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Norton Download Manager{N360P211018-SHPD-FSD40014}] - C:\Program Files (x86)\Norton One\Engine\3.2.2.12\ccSvcHst.exe [143928 2012-12-04] (Symantec Corporation)
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\Run: [Akamai NetSession Interface] - C:\Users\WordsmithLLC\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\Run: [Google Update] - C:\Users\WordsmithLLC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-10-05] (Google Inc.)
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4277896 2013-12-23] (Plex, Inc.)
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\Run: [Spotify Web Helper] - C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-17] (Spotify Ltd)
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\Run: [IVONA Reader] - C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe [1735024 2013-05-31] (IVONA Software Sp. z o.o.)
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\Run: [IVONA ControlCenter] - C:\Program Files (x86)\IVONA\IVONA ControlCenter\IVONA ControlCenter.exe [2251128 2013-06-11] (IVONA Software Sp. z o.o.)
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\MountPoints2: {968ce47a-f127-11e1-93f8-806e6f6e6963} - G:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\MountPoints2: {ad5ed858-f174-11e1-b92b-806e6f6e6963} - G:\browcall.exe welcome.htm
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\MountPoints2: {ae666da8-3e2b-11e2-900c-c86000be374a} - K:\setup.exe -a
HKU\S-1-5-21-2114272673-536018299-2031490470-1000\...\MountPoints2: {ae666f58-3e2b-11e2-900c-c86000be374a} - H:\setup.exe -a
Startup: C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\WordsmithLLC\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9FC31ADC818ACE01
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVONA Software Sp. z o.o.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVONA Software Sp. z o.o.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - Y:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVONA Software Sp. z o.o.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Net Reader - {FEEEB9C2-E466-4A83-876C-6FD2DDF1A3D1} - Y:\Program Files (x86)\AudioBookCreator.com\netReader.dll ()
Toolbar: HKLM-x32 - IVONA Reader - {8664889D-ED18-4713-918F-E2BB69D8452B} - C:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVONA Software Sp. z o.o.)
Toolbar: HKCU - No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
Toolbar: HKCU - No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} -  No File
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} -  No File
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://www.fcd.maricopa.gov/maps/gismaps/plugin/mgaxctrl6.5.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 54.225.95.126 gcbkfpidjhchgnokamccdemjfamackdh
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF ProfilePath: C:\Users\WordsmithLLC\AppData\Roaming\Mozilla\Firefox\Profiles\alo3tkyk.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - Z:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - y:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - Y:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - Y:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/PDFlite_Browser_Plugin - C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Simon Bünzli)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - Y:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - Y:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: @mozilla.zeniko.ch/PDFlite_Browser_Plugin - C:\Program Files (x86)\PDFlite\npPdfViewer.dll (Simon Bünzli)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\WordsmithLLC\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\WordsmithLLC\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbittorrent.dll (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\WordsmithLLC\AppData\Roaming\Mozilla\Firefox\Profiles\alo3tkyk.default\searchplugins\safeguard-secure-search.xml
FF Extension: Bee Coupons - C:\Users\WordsmithLLC\AppData\Roaming\Mozilla\Firefox\Profiles\alo3tkyk.default\Extensions\{621A5F83-9727-6DEA-0C22-34C950C02A37} [2014-01-13]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\WordsmithLLC\AppData\Roaming\Mozilla\Firefox\Profiles\alo3tkyk.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-01-26]
FF Extension: Adblock Plus - C:\Users\WordsmithLLC\AppData\Roaming\Mozilla\Firefox\Profiles\alo3tkyk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-12]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-04]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-01-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - Y:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - Y:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-07-05]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-18]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
 
Chrome: 
=======
CHR Extension: (Google Wallet) - C:\Users\WordsmithLLC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-19]
CHR HKCU\...\Chrome\Extension: [hknpjpodmmapnfjhnblgmalmaanpajhc] - C:\ProgramData\VideoDownloaderUltimate\Chrome\VideoDownloaderUltimate.crx [2014-02-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - Y:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-20]
CHR HKLM-x32\...\Chrome\Extension: [hknpjpodmmapnfjhnblgmalmaanpajhc] - C:\ProgramData\VideoDownloaderUltimate\Chrome\VideoDownloaderUltimate.crx [2014-02-16]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-20]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.24\AsusFanControlService.exe [1489024 2012-02-01] (ASUSTeK Computer Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-19] ()
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] ()
R2 DeviceMonitorService; Y:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [87368 2011-09-19] (Nero AG)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 GJServiceV5; Y:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe [4502200 2013-10-30] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-01-20] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 LMIGuardianSvc; Y:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-01-27] (LogMeIn, Inc.)
R2 LMIMaint; Y:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-01-27] (LogMeIn, Inc.)
R2 LogMeIn; Y:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
R2 MBAMScheduler; y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; y:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MCLIENT; C:\Program Files (x86)\Norton One\Engine\3.2.2.12\ccSvcHst.exe [143928 2012-12-04] (Symantec Corporation)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [216080 2012-07-26] (Nitro PDF Software)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\SymcPCCULaunchSvc.exe [123320 2011-11-07] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe [126392 2011-11-07] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-12-19] ()
R2 QuickBooksDB17; F:\Program Files\Intuit\Quickbooks 2007\QBDBMgrN.exe [128536 2013-02-03] (iAnywhere Solutions, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14592 2010-10-20] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-19] (MCCI Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
R1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [168096 2012-08-20] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [34040 2011-09-01] (Windows ® Codename Longhorn DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2012-12-21] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2012-12-21] ()
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2012-12-21] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2012-12-21] ()
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140219.001\IDSvia64.sys [521944 2014-01-20] (Symantec Corporation)
R2 LMIInfo; Y:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 Maplom; C:\Windows\System32\Drivers\Maplom.sys [35384 2013-10-29] (SlySoft Inc.)
R3 MaplomL; C:\Windows\System32\Drivers\MaplomL.sys [60472 2013-10-29] (SlySoft Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140220.003\ENG64.SYS [126040 2014-01-24] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140220.003\EX64.SYS [2099288 2014-01-24] (Symantec Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2012-12-23] (Acronis)
R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [123152 2012-10-16] (High Criteria inc.)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2012-12-23] (Acronis)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-20 12:59 - 2014-02-20 12:59 - 00038257 _____ () C:\Users\WordsmithLLC\Downloads\FRST.txt
2014-02-20 12:59 - 2014-02-20 12:59 - 00000000 ____D () C:\FRST
2014-02-20 12:58 - 2014-02-20 12:58 - 02153984 _____ (Farbar) C:\Users\WordsmithLLC\Downloads\FRST64.exe
2014-02-20 11:25 - 2014-02-20 11:26 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\IVONA ControlCenter
2014-02-20 11:24 - 2014-02-20 11:35 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\IVONA Reader
2014-02-20 11:24 - 2014-02-20 11:25 - 00000000 ____D () C:\Program Files (x86)\IVONA
2014-02-20 11:24 - 2014-02-20 11:24 - 00002080 _____ () C:\Users\Public\Desktop\IVONA Reader.lnk
2014-02-20 11:24 - 2014-02-20 11:24 - 00000000 ___RD () C:\Users\WordsmithLLC\Documents\IVONA Reader Podcasts
2014-02-20 11:04 - 2014-02-20 11:04 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\IVONA_INST
2014-02-20 11:00 - 2014-02-20 11:00 - 00001015 _____ () C:\Users\Public\Desktop\IVONA MiniReader.lnk
2014-02-20 10:58 - 2014-02-20 10:59 - 14347656 _____ () C:\Users\WordsmithLLC\Downloads\Ivona_MiniReader_inst_wi_ne.exe
2014-02-20 10:49 - 2014-02-20 10:51 - 00000000 ____D () C:\ProgramData\NaturalReaders
2014-02-20 09:23 - 2014-02-20 11:04 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Naturalsoft
2014-02-20 09:22 - 2014-02-20 11:04 - 00000000 ____D () C:\Users\WordsmithLLC\Documents\Naturalsoft
2014-02-20 09:21 - 2014-02-20 09:21 - 19099064 _____ (Naturalsoft limited ) C:\Users\WordsmithLLC\Downloads\standardsetup.exe
2014-02-19 15:52 - 2014-02-19 15:52 - 00003014 _____ () C:\Windows\PFRO.log
2014-02-19 15:49 - 2014-02-19 16:21 - 00000004 _____ () C:\Users\WordsmithLLC\Desktop\Bleeping computer post.txt
2014-02-19 15:43 - 2014-02-19 15:43 - 00000797 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-19 15:43 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-19 15:42 - 2014-02-19 15:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\WordsmithLLC\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 15:32 - 2014-02-19 16:03 - 00038501 _____ () C:\Users\WordsmithLLC\Desktop\dds.txt
2014-02-19 15:32 - 2014-02-19 16:03 - 00012283 _____ () C:\Users\WordsmithLLC\Desktop\attach.txt
2014-02-19 15:26 - 2014-02-19 15:26 - 00688992 ____R (Swearware) C:\Users\WordsmithLLC\Downloads\dds.com
2014-02-19 14:56 - 2014-02-19 15:52 - 00000112 _____ () C:\Windows\setupact.log
2014-02-19 14:56 - 2014-02-19 14:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-19 14:30 - 2014-02-19 14:30 - 00116614 _____ () C:\Users\WordsmithLLC\Documents\cc_20140219_143011.reg
2014-02-19 14:29 - 2014-02-19 14:29 - 00001887 _____ () C:\Users\WordsmithLLC\Desktop\JRT.txt
2014-02-19 14:24 - 2014-02-19 14:24 - 00000000 ____D () C:\Windows\ERUNT
2014-02-19 14:23 - 2014-02-19 14:23 - 01037530 _____ (Thisisu) C:\Users\WordsmithLLC\Downloads\JRT.exe
2014-02-19 14:18 - 2014-02-19 14:18 - 00002786 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-19 14:18 - 2014-02-19 14:18 - 00000835 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-19 14:18 - 2014-02-19 14:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-19 14:17 - 2014-02-19 14:17 - 04721920 _____ (Piriform Ltd) C:\Users\WordsmithLLC\Downloads\ccsetup410.exe
2014-02-19 12:49 - 2014-02-19 12:50 - 00000000 ____D () C:\Intel
2014-02-19 12:45 - 2014-02-19 12:48 - 144492296 _____ (Intel Corporation) C:\Users\WordsmithLLC\Downloads\Win64_15338.exe
2014-02-19 12:42 - 2014-02-19 12:42 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\SystemRequirementsLab
2014-02-19 12:42 - 2014-02-19 12:42 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-19 09:55 - 2014-02-19 09:55 - 00000000 ____D () C:\Users\WordsmithLLC\Documents\AudioBookCreator
2014-02-19 09:53 - 2014-02-19 09:53 - 00000000 ____D () C:\Windows\Lhsp
2014-02-19 09:53 - 2014-02-19 09:53 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audio Book Creator
2014-02-19 09:52 - 2014-02-19 09:52 - 19937280 _____ () C:\Users\WordsmithLLC\Downloads\setupabc.exe
2014-02-18 23:55 - 2014-02-19 00:55 - 00000030 _____ () C:\Users\WordsmithLLC\AppData\Roaming\WB.CFG
2014-02-18 22:58 - 2014-02-18 22:58 - 01671267 _____ () C:\Users\WordsmithLLC\Desktop\cpu-z-1.64.1-en(1).rar
2014-02-18 22:58 - 2014-02-18 22:58 - 00009209 _____ () C:\Users\WordsmithLLC\Desktop\cputest.exe
2014-02-18 22:57 - 2014-02-18 22:57 - 01671267 _____ () C:\Users\WordsmithLLC\Desktop\cpu-z-1.64.1-en.rar
2014-02-18 22:55 - 2014-02-20 12:55 - 00000312 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-18 22:55 - 2014-02-19 15:51 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\DigitalSites
2014-02-18 22:55 - 2014-02-18 22:55 - 00003280 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-16 22:59 - 2014-02-16 23:00 - 63048176 _____ (Plex, Inc.) C:\Users\WordsmithLLC\Downloads\Plex-Media-Server-0.9.818.290-11b7fdd-en-US.exe
2014-02-16 21:17 - 2014-02-16 21:17 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-02-16 19:37 - 2014-02-19 15:53 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-16 19:34 - 2014-02-16 19:36 - 00000000 ____D () C:\AdwCleaner
2014-02-16 19:34 - 2014-02-16 19:34 - 01166132 _____ () C:\Users\WordsmithLLC\Downloads\adwcleaner.exe
2014-02-16 18:06 - 2014-02-16 18:06 - 00000779 _____ () C:\Users\QBDataServiceUser17\Desktop\Dream Chronicles 2.lnk
2014-02-16 18:06 - 2014-02-16 18:06 - 00000314 _____ () C:\Users\QBDataServiceUser17\Desktop\Get More Games at PlayFirst.com.lnk
2014-02-16 18:06 - 2014-02-16 18:06 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\PlayFirst
2014-02-16 18:06 - 2014-02-16 18:06 - 00000000 ____D () C:\ProgramData\PlayFirst
2014-02-16 17:24 - 2014-02-16 17:24 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\DOSBox
2014-02-16 17:18 - 2014-02-16 17:18 - 01448809 _____ (DOSBox Team) C:\Users\WordsmithLLC\Downloads\DOSBox0.74-win32-installer.exe
2014-02-16 17:14 - 2014-02-16 17:14 - 00002922 _____ () C:\Windows\System32\Tasks\{DC3F328D-8B1B-4806-ABB0-0BF510559981}
2014-02-16 17:14 - 2014-02-16 17:14 - 00002922 _____ () C:\Windows\System32\Tasks\{DA6BEC10-7D6B-4DC4-9FCE-D0F7CE587C43}
2014-02-16 17:13 - 2014-02-16 17:13 - 00002922 _____ () C:\Windows\System32\Tasks\{AFBCBAA6-B8A8-4A50-B85A-655119638D68}
2014-02-16 17:13 - 2014-02-16 17:13 - 00002922 _____ () C:\Windows\System32\Tasks\{83D5AB29-A392-4C75-B9F0-7DFFA4336521}
2014-02-16 17:12 - 2014-02-16 17:12 - 00002922 _____ () C:\Windows\System32\Tasks\{9479E1DA-199C-4341-8693-B15DF943E839}
2014-02-16 16:47 - 2014-02-16 16:47 - 00000000 ____D () C:\ProgramData\SlySoft
2014-02-16 16:42 - 2014-02-19 15:52 - 00000044 ___SH () C:\ProgramData\.zreglib
2014-02-16 16:42 - 2014-02-16 16:42 - 00000872 _____ () C:\Users\Public\Desktop\Game Jackal v5.lnk
2014-02-16 16:42 - 2013-10-29 16:04 - 00060472 _____ (SlySoft Inc.) C:\Windows\system32\Drivers\maploml.sys
2014-02-16 16:42 - 2013-10-29 16:04 - 00035384 _____ (SlySoft Inc.) C:\Windows\system32\Drivers\maplom.sys
2014-02-16 16:37 - 2014-02-16 16:37 - 10147267 _____ (SlySoft Inc. ) C:\Users\WordsmithLLC\Downloads\SetupGameJackal5200.exe
2014-02-16 16:22 - 2009-02-24 18:35 - 00255552 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys
2014-02-16 16:19 - 2014-02-16 16:20 - 01352435 _____ () C:\Users\WordsmithLLC\Downloads\setup_magicdisc.exe
2014-02-16 16:13 - 2014-02-16 16:15 - 00000405 _____ () C:\Windows\PowerReg.dat
2014-02-16 16:13 - 1999-12-09 13:18 - 00239616 _____ (Virtual Media Technology P/L) C:\Windows\SysWOW64\Hdk3ctnt.dll
2014-02-16 15:59 - 2014-02-16 15:59 - 00002922 _____ () C:\Windows\System32\Tasks\{1BCEDFB0-2594-4607-849D-5B4189F34E48}
2014-02-15 11:39 - 2014-02-15 11:46 - 255523176 _____ () C:\Users\WordsmithLLC\Downloads\camtasiaup.exe
2014-02-14 22:10 - 2014-02-15 11:36 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Youtube Downloader HD
2014-02-14 22:10 - 2014-02-14 22:10 - 00000821 _____ () C:\Users\WordsmithLLC\Desktop\Youtube Downloader HD.lnk
2014-02-14 22:08 - 2014-02-14 22:09 - 09664032 _____ (YoutubeDownloaderHD.com ) C:\Users\WordsmithLLC\Downloads\youtube_downloader_hd_setup.exe
2014-02-14 20:15 - 2014-02-14 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 18:24 - 2014-02-14 19:16 - 00000000 ____D () C:\Users\WordsmithLLC\Desktop\Tweed Video
2014-02-14 12:33 - 2014-02-14 12:33 - 00000000 ____D () C:\Users\WordsmithLLC\Documents\Outlook Files
2014-02-13 12:12 - 2014-01-08 15:54 - 00121856 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-02-13 12:12 - 2013-11-19 16:52 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-02-13 11:24 - 2014-02-15 12:11 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-13 11:24 - 2014-02-13 15:29 - 00000000 ____D () C:\ProgramData\IObit
2014-02-13 11:24 - 2014-02-13 11:24 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-13 11:24 - 2014-02-13 11:24 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-13 11:23 - 2014-02-13 15:29 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\IObit
2014-02-12 23:52 - 2014-02-12 23:53 - 35641992 _____ (IObit ) C:\Users\WordsmithLLC\Downloads\advanced-systemcare-setup.exe
2014-02-12 14:54 - 2014-02-12 14:54 - 00000467 _____ () C:\Users\WordsmithLLC\Downloads\01 - Reaching the Potential.m3u
2014-02-12 12:59 - 2014-02-12 12:59 - 06761987 _____ () C:\Users\WordsmithLLC\Downloads\Ryan - Libby - Daniel - Dtphx.co.m4a
2014-02-12 03:00 - 2014-02-06 05:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 03:00 - 2014-02-06 04:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 03:00 - 2014-02-06 04:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 03:00 - 2014-02-06 04:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 03:00 - 2014-02-06 04:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 03:00 - 2014-02-06 04:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 03:00 - 2014-02-06 03:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 03:00 - 2014-02-06 03:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 03:00 - 2014-02-06 03:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 03:00 - 2014-02-06 03:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 03:00 - 2014-02-06 03:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 03:00 - 2014-02-06 03:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 03:00 - 2014-02-06 03:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 03:00 - 2014-02-06 03:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 03:00 - 2014-02-06 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 03:00 - 2014-02-06 03:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 03:00 - 2014-02-06 03:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 03:00 - 2014-02-06 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 03:00 - 2014-02-06 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 03:00 - 2014-02-06 02:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 03:00 - 2014-02-06 02:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 03:00 - 2014-02-06 02:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 03:00 - 2014-02-06 02:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 03:00 - 2014-02-06 02:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 03:00 - 2014-02-06 02:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 03:00 - 2014-02-06 02:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 03:00 - 2014-02-06 02:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 03:00 - 2014-02-06 02:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 03:00 - 2014-02-06 02:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 03:00 - 2014-02-06 02:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 03:00 - 2014-02-06 02:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 03:00 - 2014-02-06 02:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 03:00 - 2014-02-06 02:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 03:00 - 2014-02-06 02:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 03:00 - 2014-02-06 01:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 03:00 - 2014-02-06 01:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 03:00 - 2014-02-06 01:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 03:00 - 2014-02-06 01:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 03:00 - 2014-02-06 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 03:00 - 2013-12-21 02:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 03:00 - 2013-12-21 01:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 02:05 - 2013-12-31 16:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 02:05 - 2013-12-31 16:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 02:05 - 2013-12-24 16:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 02:05 - 2013-12-24 15:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 02:05 - 2013-12-05 19:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 02:05 - 2013-12-05 19:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 02:05 - 2013-12-05 19:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 02:05 - 2013-12-05 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 02:05 - 2013-12-03 19:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 02:05 - 2013-12-03 19:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 02:05 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 02:05 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 02:05 - 2013-12-03 19:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 02:05 - 2013-12-03 19:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 02:05 - 2013-12-03 19:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 02:05 - 2013-12-03 19:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 02:05 - 2013-12-03 19:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 02:05 - 2013-12-03 19:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 02:05 - 2013-12-03 19:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 02:05 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 02:05 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 02:05 - 2013-12-03 19:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 02:05 - 2013-12-03 18:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 02:05 - 2013-12-03 18:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 02:05 - 2013-12-03 18:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 02:05 - 2013-12-03 18:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 02:05 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 02:05 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 23:20 - 2014-02-11 23:20 - 00000216 _____ () C:\Users\WordsmithLLC\Desktop\realMyst Masterpiece Edition.url
2014-02-11 23:20 - 2014-02-11 23:20 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-11 22:38 - 2014-02-11 22:38 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-02-11 22:38 - 2014-02-11 22:38 - 00001908 _____ () C:\Windows\diagerr.xml
2014-02-10 01:11 - 2014-02-10 01:11 - 01727624 _____ () C:\Users\WordsmithLLC\Downloads\Adaware_Installer.exe
2014-02-10 01:03 - 2014-02-10 01:04 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-02-10 00:16 - 2014-02-16 16:46 - 00000000 ____D () C:\ProgramData\VideoDownloaderUltimate
2014-02-09 20:57 - 2014-02-09 20:57 - 00000000 ____D () C:\ProgramData\Belkin
2014-02-09 20:57 - 2014-02-09 20:57 - 00000000 ____D () C:\ProgramData\Affinegy
2014-02-09 20:57 - 2014-02-09 20:57 - 00000000 ____D () C:\Program Files\Belkin
2014-02-09 20:57 - 2014-02-09 20:57 - 00000000 ____D () C:\Program Files (x86)\Belkin
2014-02-09 20:57 - 2009-06-22 16:50 - 00291352 _____ (silex technology, Inc.) C:\Windows\system32\Drivers\sxuptp.sys
2014-02-07 23:55 - 2014-02-07 23:55 - 00000730 _____ () C:\Users\WordsmithLLC\Desktop\DVDFab 8 Qt.lnk
2014-02-07 23:51 - 2014-02-07 23:51 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-02-07 23:51 - 2014-02-07 23:51 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-07 23:51 - 2007-02-27 19:36 - 00524288 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-02-07 23:51 - 2007-02-27 19:36 - 00413760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
2014-02-07 23:51 - 2007-02-27 19:36 - 00261632 _____ (MainConcept) C:\Windows\SysWOW64\mcdvd_32.dll
2014-02-07 23:51 - 2007-02-27 19:36 - 00221215 _____ (DivXNetworks, Inc.) C:\Windows\SysWOW64\divxdec.ax
2014-02-07 23:51 - 2007-02-27 19:36 - 00156910 _____ () C:\Windows\WMSysPr8.prx
2014-02-07 23:51 - 2007-02-27 19:36 - 00139264 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-02-07 23:51 - 2007-02-27 19:36 - 00082944 _____ (Voxware, Inc.) C:\Windows\SysWOW64\vct3216.acm
2014-02-07 23:51 - 2007-02-27 19:36 - 00081920 _____ (fccHandler) C:\Windows\SysWOW64\AC3ACM.acm
2014-02-07 23:51 - 2007-02-27 19:36 - 00038912 _____ (NCT Company) C:\Windows\SysWOW64\alf2cd.acm
2014-02-07 23:51 - 2007-02-27 19:36 - 00013239 _____ (SHARP Corporation) C:\Windows\SysWOW64\Scg726.acm
2014-02-07 23:51 - 2003-03-25 06:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\L3CODECX.AX
2014-02-06 22:51 - 2014-02-06 22:51 - 00000000 ____D () C:\Program Files\Adobe
2014-02-06 10:16 - 2014-02-06 10:16 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\HD Youtube Downloader Free
2014-02-05 18:36 - 2014-02-05 18:41 - 00000000 ____D () C:\Users\WordsmithLLC\Desktop\Blade Runner - Esper Edition
2014-02-05 15:35 - 2014-02-05 15:35 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\InqScribe
2014-02-05 15:34 - 2014-02-05 15:34 - 00000825 _____ () C:\Users\WordsmithLLC\Desktop\InqScribe.lnk
2014-01-28 10:12 - 2014-01-28 10:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-28 10:12 - 2014-01-28 10:12 - 00000000 ____D () C:\Program Files\iTunes
2014-01-28 10:12 - 2014-01-28 10:12 - 00000000 ____D () C:\Program Files\iPod
2014-01-27 14:18 - 2014-01-27 15:31 - 00000000 ____D () C:\Users\WordsmithLLC\Desktop\FB profile pics
2014-01-26 10:48 - 2014-01-26 10:48 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-01-24 13:40 - 2014-01-26 10:59 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\Plex Media Server
2014-01-24 13:13 - 2013-03-10 17:39 - 1517272915 _____ () C:\Users\WordsmithLLC\Akira.mp4
 
==================== One Month Modified Files and Folders =======
 
2014-02-20 12:59 - 2014-02-20 12:59 - 00038257 _____ () C:\Users\WordsmithLLC\Downloads\FRST.txt
2014-02-20 12:59 - 2014-02-20 12:59 - 00000000 ____D () C:\FRST
2014-02-20 12:58 - 2014-02-20 12:58 - 02153984 _____ (Farbar) C:\Users\WordsmithLLC\Downloads\FRST64.exe
2014-02-20 12:56 - 2013-01-08 18:08 - 00000000 ____D () C:\Users\WordsmithLLC\Desktop\Ken Post
2014-02-20 12:55 - 2014-02-18 22:55 - 00000312 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-20 12:33 - 2012-08-28 11:38 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 12:33 - 2012-08-28 11:38 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 12:18 - 2012-08-30 14:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-20 12:17 - 2012-10-05 10:36 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2114272673-536018299-2031490470-1000UA.job
2014-02-20 11:35 - 2014-02-20 11:24 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\IVONA Reader
2014-02-20 11:26 - 2014-02-20 11:25 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\IVONA ControlCenter
2014-02-20 11:26 - 2012-08-28 08:55 - 01756249 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 11:25 - 2014-02-20 11:24 - 00000000 ____D () C:\Program Files (x86)\IVONA
2014-02-20 11:25 - 2012-12-03 07:42 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-20 11:24 - 2014-02-20 11:24 - 00002080 _____ () C:\Users\Public\Desktop\IVONA Reader.lnk
2014-02-20 11:24 - 2014-02-20 11:24 - 00000000 ___RD () C:\Users\WordsmithLLC\Documents\IVONA Reader Podcasts
2014-02-20 11:04 - 2014-02-20 11:04 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\IVONA_INST
2014-02-20 11:04 - 2014-02-20 09:23 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Naturalsoft
2014-02-20 11:04 - 2014-02-20 09:22 - 00000000 ____D () C:\Users\WordsmithLLC\Documents\Naturalsoft
2014-02-20 11:00 - 2014-02-20 11:00 - 00001015 _____ () C:\Users\Public\Desktop\IVONA MiniReader.lnk
2014-02-20 10:59 - 2014-02-20 10:58 - 14347656 _____ () C:\Users\WordsmithLLC\Downloads\Ivona_MiniReader_inst_wi_ne.exe
2014-02-20 10:51 - 2014-02-20 10:49 - 00000000 ____D () C:\ProgramData\NaturalReaders
2014-02-20 09:38 - 2013-10-17 09:37 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-20 09:21 - 2014-02-20 09:21 - 19099064 _____ (Naturalsoft limited ) C:\Users\WordsmithLLC\Downloads\standardsetup.exe
2014-02-20 09:05 - 2009-07-13 22:13 - 01046878 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-20 09:02 - 2012-08-28 16:41 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Spotify
2014-02-19 19:23 - 2009-07-13 21:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 19:23 - 2009-07-13 21:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 18:17 - 2012-10-05 10:36 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2114272673-536018299-2031490470-1000Core.job
2014-02-19 16:21 - 2014-02-19 15:49 - 00000004 _____ () C:\Users\WordsmithLLC\Desktop\Bleeping computer post.txt
2014-02-19 16:03 - 2014-02-19 15:32 - 00038501 _____ () C:\Users\WordsmithLLC\Desktop\dds.txt
2014-02-19 16:03 - 2014-02-19 15:32 - 00012283 _____ () C:\Users\WordsmithLLC\Desktop\attach.txt
2014-02-19 15:58 - 2012-09-23 05:05 - 00000000 _____ () C:\Windows\Path.idx
2014-02-19 15:53 - 2014-02-16 19:37 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-19 15:53 - 2013-03-06 23:21 - 00003390 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2114272673-536018299-2031490470-1000
2014-02-19 15:53 - 2013-03-06 23:21 - 00003270 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2114272673-536018299-2031490470-1000
2014-02-19 15:53 - 2012-12-18 18:25 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Dropbox
2014-02-19 15:53 - 2012-09-22 23:06 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-02-19 15:53 - 2012-08-29 12:11 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\CrashDumps
2014-02-19 15:52 - 2014-02-19 15:52 - 00003014 _____ () C:\Windows\PFRO.log
2014-02-19 15:52 - 2014-02-19 14:56 - 00000112 _____ () C:\Windows\setupact.log
2014-02-19 15:52 - 2014-02-16 16:42 - 00000044 ___SH () C:\ProgramData\.zreglib
2014-02-19 15:52 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-19 15:51 - 2014-02-18 22:55 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\DigitalSites
2014-02-19 15:43 - 2014-02-19 15:43 - 00000797 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-19 15:42 - 2014-02-19 15:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\WordsmithLLC\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-19 15:26 - 2014-02-19 15:26 - 00688992 ____R (Swearware) C:\Users\WordsmithLLC\Downloads\dds.com
2014-02-19 14:56 - 2014-02-19 14:56 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-19 14:30 - 2014-02-19 14:30 - 00116614 _____ () C:\Users\WordsmithLLC\Documents\cc_20140219_143011.reg
2014-02-19 14:29 - 2014-02-19 14:29 - 00001887 _____ () C:\Users\WordsmithLLC\Desktop\JRT.txt
2014-02-19 14:24 - 2014-02-19 14:24 - 00000000 ____D () C:\Windows\ERUNT
2014-02-19 14:23 - 2014-02-19 14:23 - 01037530 _____ (Thisisu) C:\Users\WordsmithLLC\Downloads\JRT.exe
2014-02-19 14:18 - 2014-02-19 14:18 - 00002786 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-19 14:18 - 2014-02-19 14:18 - 00000835 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-19 14:18 - 2014-02-19 14:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-19 14:17 - 2014-02-19 14:17 - 04721920 _____ (Piriform Ltd) C:\Users\WordsmithLLC\Downloads\ccsetup410.exe
2014-02-19 12:52 - 2012-08-28 14:40 - 00019466 _____ () C:\Windows\system32\results.xml
2014-02-19 12:52 - 2009-07-13 21:45 - 00455784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-19 12:51 - 2012-08-28 14:35 - 00000000 ____D () C:\Program Files\Intel
2014-02-19 12:50 - 2014-02-19 12:49 - 00000000 ____D () C:\Intel
2014-02-19 12:48 - 2014-02-19 12:45 - 144492296 _____ (Intel Corporation) C:\Users\WordsmithLLC\Downloads\Win64_15338.exe
2014-02-19 12:42 - 2014-02-19 12:42 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\SystemRequirementsLab
2014-02-19 12:42 - 2014-02-19 12:42 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-19 11:08 - 2012-09-24 20:41 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\PrimoPDF
2014-02-19 10:06 - 2012-08-28 16:46 - 00117080 _____ () C:\Users\WordsmithLLC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-19 09:55 - 2014-02-19 09:55 - 00000000 ____D () C:\Users\WordsmithLLC\Documents\AudioBookCreator
2014-02-19 09:53 - 2014-02-19 09:53 - 00000000 ____D () C:\Windows\Lhsp
2014-02-19 09:53 - 2014-02-19 09:53 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audio Book Creator
2014-02-19 09:53 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Speech
2014-02-19 09:53 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2014-02-19 09:52 - 2014-02-19 09:52 - 19937280 _____ () C:\Users\WordsmithLLC\Downloads\setupabc.exe
2014-02-19 00:55 - 2014-02-18 23:55 - 00000030 _____ () C:\Users\WordsmithLLC\AppData\Roaming\WB.CFG
2014-02-18 23:57 - 2012-08-29 15:13 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-18 22:58 - 2014-02-18 22:58 - 01671267 _____ () C:\Users\WordsmithLLC\Desktop\cpu-z-1.64.1-en(1).rar
2014-02-18 22:58 - 2014-02-18 22:58 - 00009209 _____ () C:\Users\WordsmithLLC\Desktop\cputest.exe
2014-02-18 22:57 - 2014-02-18 22:57 - 01671267 _____ () C:\Users\WordsmithLLC\Desktop\cpu-z-1.64.1-en.rar
2014-02-18 22:55 - 2014-02-18 22:55 - 00003280 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-02-18 22:48 - 2012-10-12 10:14 - 00007618 _____ () C:\Users\WordsmithLLC\AppData\Local\resmon.resmoncfg
2014-02-18 22:44 - 2013-09-03 23:29 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-18 22:39 - 2013-09-03 23:39 - 00000000 ___HD () C:\$AVG
2014-02-18 22:39 - 2013-09-03 23:39 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-16 23:08 - 2012-10-20 18:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 23:00 - 2014-02-16 22:59 - 63048176 _____ (Plex, Inc.) C:\Users\WordsmithLLC\Downloads\Plex-Media-Server-0.9.818.290-11b7fdd-en-US.exe
2014-02-16 21:17 - 2014-02-16 21:17 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-02-16 19:36 - 2014-02-16 19:34 - 00000000 ____D () C:\AdwCleaner
2014-02-16 19:34 - 2014-02-16 19:34 - 01166132 _____ () C:\Users\WordsmithLLC\Downloads\adwcleaner.exe
2014-02-16 18:24 - 2012-07-17 13:50 - 00000000 ____D () C:\Users\WordsmithLLC\Desktop\Games
2014-02-16 18:06 - 2014-02-16 18:06 - 00000779 _____ () C:\Users\QBDataServiceUser17\Desktop\Dream Chronicles 2.lnk
2014-02-16 18:06 - 2014-02-16 18:06 - 00000314 _____ () C:\Users\QBDataServiceUser17\Desktop\Get More Games at PlayFirst.com.lnk
2014-02-16 18:06 - 2014-02-16 18:06 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\PlayFirst
2014-02-16 18:06 - 2014-02-16 18:06 - 00000000 ____D () C:\ProgramData\PlayFirst
2014-02-16 17:24 - 2014-02-16 17:24 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\DOSBox
2014-02-16 17:18 - 2014-02-16 17:18 - 01448809 _____ (DOSBox Team) C:\Users\WordsmithLLC\Downloads\DOSBox0.74-win32-installer.exe
2014-02-16 17:14 - 2014-02-16 17:14 - 00002922 _____ () C:\Windows\System32\Tasks\{DC3F328D-8B1B-4806-ABB0-0BF510559981}
2014-02-16 17:14 - 2014-02-16 17:14 - 00002922 _____ () C:\Windows\System32\Tasks\{DA6BEC10-7D6B-4DC4-9FCE-D0F7CE587C43}
2014-02-16 17:13 - 2014-02-16 17:13 - 00002922 _____ () C:\Windows\System32\Tasks\{AFBCBAA6-B8A8-4A50-B85A-655119638D68}
2014-02-16 17:13 - 2014-02-16 17:13 - 00002922 _____ () C:\Windows\System32\Tasks\{83D5AB29-A392-4C75-B9F0-7DFFA4336521}
2014-02-16 17:12 - 2014-02-16 17:12 - 00002922 _____ () C:\Windows\System32\Tasks\{9479E1DA-199C-4341-8693-B15DF943E839}
2014-02-16 16:47 - 2014-02-16 16:47 - 00000000 ____D () C:\ProgramData\SlySoft
2014-02-16 16:46 - 2014-02-10 00:16 - 00000000 ____D () C:\ProgramData\VideoDownloaderUltimate
2014-02-16 16:42 - 2014-02-16 16:42 - 00000872 _____ () C:\Users\Public\Desktop\Game Jackal v5.lnk
2014-02-16 16:37 - 2014-02-16 16:37 - 10147267 _____ (SlySoft Inc. ) C:\Users\WordsmithLLC\Downloads\SetupGameJackal5200.exe
2014-02-16 16:36 - 2012-08-28 08:58 - 00000000 ___RD () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 16:20 - 2014-02-16 16:19 - 01352435 _____ () C:\Users\WordsmithLLC\Downloads\setup_magicdisc.exe
2014-02-16 16:15 - 2014-02-16 16:13 - 00000405 _____ () C:\Windows\PowerReg.dat
2014-02-16 15:59 - 2014-02-16 15:59 - 00002922 _____ () C:\Windows\System32\Tasks\{1BCEDFB0-2594-4607-849D-5B4189F34E48}
2014-02-16 03:01 - 2013-07-11 15:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 03:00 - 2012-08-28 17:31 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 12:14 - 2012-10-20 21:38 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-02-15 12:11 - 2014-02-13 11:24 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-15 11:48 - 2013-10-07 00:07 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-02-15 11:48 - 2012-10-20 21:13 - 00000000 ____D () C:\ProgramData\TechSmith
2014-02-15 11:48 - 2012-08-28 08:58 - 00000000 ____D () C:\Users\WordsmithLLC
2014-02-15 11:46 - 2014-02-15 11:39 - 255523176 _____ () C:\Users\WordsmithLLC\Downloads\camtasiaup.exe
2014-02-15 11:36 - 2014-02-14 22:10 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Youtube Downloader HD
2014-02-14 22:10 - 2014-02-14 22:10 - 00000821 _____ () C:\Users\WordsmithLLC\Desktop\Youtube Downloader HD.lnk
2014-02-14 22:09 - 2014-02-14 22:08 - 09664032 _____ (YoutubeDownloaderHD.com ) C:\Users\WordsmithLLC\Downloads\youtube_downloader_hd_setup.exe
2014-02-14 20:15 - 2014-02-14 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 19:16 - 2014-02-14 18:24 - 00000000 ____D () C:\Users\WordsmithLLC\Desktop\Tweed Video
2014-02-14 12:33 - 2014-02-14 12:33 - 00000000 ____D () C:\Users\WordsmithLLC\Documents\Outlook Files
2014-02-13 15:29 - 2014-02-13 11:24 - 00000000 ____D () C:\ProgramData\IObit
2014-02-13 15:29 - 2014-02-13 11:23 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\IObit
2014-02-13 15:06 - 2012-09-24 15:59 - 00000000 ___RD () C:\Users\WordsmithLLC\Virtual Machines
2014-02-13 12:54 - 2012-08-28 16:44 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\Spotify
2014-02-13 12:31 - 2012-09-14 11:29 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\Deployment
2014-02-13 12:28 - 2012-08-28 11:38 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 12:28 - 2012-08-28 11:38 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 11:30 - 2012-11-08 15:21 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\FileZilla
2014-02-13 11:30 - 2012-10-12 10:08 - 00000000 ____D () C:\Windows\Minidump
2014-02-13 11:30 - 2012-10-10 23:02 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\BitTorrent
2014-02-13 11:30 - 2012-09-22 13:06 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\DAEMON Tools Pro
2014-02-13 11:30 - 2012-08-28 09:46 - 00000000 ____D () C:\Windows\Panther
2014-02-13 11:30 - 2012-07-21 09:13 - 00000000 ____D () C:\Users\WordsmithLLC\Documents\My Games
2014-02-13 11:30 - 2008-07-21 17:29 - 00000000 ___RD () C:\Users\WordsmithLLC\Documents\Devotions
2014-02-13 11:24 - 2014-02-13 11:24 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-13 11:24 - 2014-02-13 11:24 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-12 23:53 - 2014-02-12 23:52 - 35641992 _____ (IObit ) C:\Users\WordsmithLLC\Downloads\advanced-systemcare-setup.exe
2014-02-12 14:54 - 2014-02-12 14:54 - 00000467 _____ () C:\Users\WordsmithLLC\Downloads\01 - Reaching the Potential.m3u
2014-02-12 12:59 - 2014-02-12 12:59 - 06761987 _____ () C:\Users\WordsmithLLC\Downloads\Ryan - Libby - Daniel - Dtphx.co.m4a
2014-02-12 03:56 - 2013-11-18 18:37 - 00000000 ____D () C:\Windows\rescache
2014-02-12 03:04 - 2012-08-28 15:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 03:01 - 2009-07-13 19:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-11 23:20 - 2014-02-11 23:20 - 00000216 _____ () C:\Users\WordsmithLLC\Desktop\realMyst Masterpiece Edition.url
2014-02-11 23:20 - 2014-02-11 23:20 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-11 22:38 - 2014-02-11 22:38 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-02-11 22:38 - 2014-02-11 22:38 - 00001908 _____ () C:\Windows\diagerr.xml
2014-02-11 19:33 - 2013-09-29 16:56 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\Akamai
2014-02-11 18:12 - 2012-10-05 10:36 - 00003924 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2114272673-536018299-2031490470-1000UA
2014-02-11 18:12 - 2012-10-05 10:36 - 00003528 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2114272673-536018299-2031490470-1000Core
2014-02-10 01:11 - 2014-02-10 01:11 - 01727624 _____ () C:\Users\WordsmithLLC\Downloads\Adaware_Installer.exe
2014-02-10 01:04 - 2014-02-10 01:03 - 00000000 ____D () C:\Program Files\AdwareRemovalToolv3.7
2014-02-09 23:33 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-09 20:57 - 2014-02-09 20:57 - 00000000 ____D () C:\ProgramData\Belkin
2014-02-09 20:57 - 2014-02-09 20:57 - 00000000 ____D () C:\ProgramData\Affinegy
2014-02-09 20:57 - 2014-02-09 20:57 - 00000000 ____D () C:\Program Files\Belkin
2014-02-09 20:57 - 2014-02-09 20:57 - 00000000 ____D () C:\Program Files (x86)\Belkin
2014-02-08 00:21 - 2014-01-13 16:29 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-02-07 23:55 - 2014-02-07 23:55 - 00000730 _____ () C:\Users\WordsmithLLC\Desktop\DVDFab 8 Qt.lnk
2014-02-07 23:51 - 2014-02-07 23:51 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-02-07 23:51 - 2014-02-07 23:51 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-02-07 23:47 - 2012-10-20 21:38 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-02-07 22:13 - 2012-11-14 10:18 - 00000000 ____D () C:\ProgramData\DVD Shrink
2014-02-07 21:54 - 2012-09-24 20:08 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-02-07 13:13 - 2014-01-06 16:13 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-06 23:11 - 2012-08-28 13:19 - 00275360 _____ (Microsoft Corporation) C:\Windows\system32\DreamScene.dll
2014-02-06 22:51 - 2014-02-06 22:51 - 00000000 ____D () C:\Program Files\Adobe
2014-02-06 10:18 - 2013-12-01 20:34 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coolmuster
2014-02-06 10:16 - 2014-02-06 10:16 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\HD Youtube Downloader Free
2014-02-06 05:16 - 2014-02-12 03:00 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 04:30 - 2014-02-12 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 04:30 - 2014-02-12 03:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 04:12 - 2014-02-12 03:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 04:07 - 2014-02-12 03:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 04:06 - 2014-02-12 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 03:57 - 2014-02-12 03:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 03:56 - 2014-02-12 03:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 03:52 - 2014-02-12 03:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 03:49 - 2014-02-12 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 03:48 - 2014-02-12 03:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 03:48 - 2014-02-12 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 03:38 - 2014-02-12 03:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 03:32 - 2014-02-12 03:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 03:20 - 2014-02-12 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 03:17 - 2014-02-12 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 03:11 - 2014-02-12 03:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 03:01 - 2014-02-12 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 03:00 - 2014-02-12 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 02:57 - 2014-02-12 03:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 02:57 - 2014-02-12 03:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 02:52 - 2014-02-12 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 02:52 - 2014-02-12 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 02:50 - 2014-02-12 03:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 02:49 - 2014-02-12 03:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 02:47 - 2014-02-12 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 02:46 - 2014-02-12 03:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 02:25 - 2014-02-12 03:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 02:25 - 2014-02-12 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 02:24 - 2014-02-12 03:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 02:22 - 2014-02-12 03:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 02:13 - 2014-02-12 03:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 02:09 - 2014-02-12 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 02:03 - 2014-02-12 03:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 01:55 - 2014-02-12 03:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 01:41 - 2014-02-12 03:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 01:40 - 2014-02-12 03:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 01:36 - 2014-02-12 03:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 01:34 - 2014-02-12 03:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 18:41 - 2014-02-05 18:36 - 00000000 ____D () C:\Users\WordsmithLLC\Desktop\Blade Runner - Esper Edition
2014-02-05 15:35 - 2014-02-05 15:35 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\InqScribe
2014-02-05 15:34 - 2014-02-05 15:34 - 00000825 _____ () C:\Users\WordsmithLLC\Desktop\InqScribe.lnk
2014-02-05 02:18 - 2012-08-30 14:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 02:18 - 2012-08-30 14:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 02:18 - 2012-08-30 14:38 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-01 16:32 - 2012-09-24 17:42 - 00000000 ____D () C:\Users\QBDataServiceUser17
2014-01-30 15:37 - 2012-10-20 21:00 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\AVS4YOU
2014-01-28 10:12 - 2014-01-28 10:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-28 10:12 - 2014-01-28 10:12 - 00000000 ____D () C:\Program Files\iTunes
2014-01-28 10:12 - 2014-01-28 10:12 - 00000000 ____D () C:\Program Files\iPod
2014-01-28 10:10 - 2012-08-29 14:04 - 00000000 ____D () C:\ProgramData\Apple
2014-01-27 19:54 - 2013-10-17 09:37 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2014-01-27 19:54 - 2013-10-17 09:37 - 00092488 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2014-01-27 19:54 - 2013-10-17 09:37 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2014-01-27 15:31 - 2014-01-27 14:18 - 00000000 ____D () C:\Users\WordsmithLLC\Desktop\FB profile pics
2014-01-26 10:59 - 2014-01-24 13:40 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\Plex Media Server
2014-01-26 10:48 - 2014-01-26 10:48 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-01-24 13:40 - 2012-08-29 14:05 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Apple Computer
2014-01-24 13:40 - 2012-08-29 14:05 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Local\Apple Computer
2014-01-23 09:44 - 2012-12-18 18:26 - 00000000 ____D () C:\Users\WordsmithLLC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
 
Files to move or delete:
====================
C:\ProgramData\uninstaller.exe
 
 
Some content of TEMP:
====================
C:\Users\WordsmithLLC\AppData\Local\Temp\el_inst.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-18 00:22
 
==================== End Of Log ============================
 
 
HERE'S THE ADDITION.TXT RESULTS
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-02-2014
Ran by WordsmithLLC at 2014-02-20 12:59:27
Running from C:\Users\WordsmithLLC\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton 360 Premier Edition (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier Edition (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Premier Edition (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
AC3File 0.6b (x32 Version: 0.6b - Alexander Vigovsky)
AC3Filter 1.62b (x32 Version: 1.62b - Alexander Vigovsky)
Adobe Acrobat XI Pro (x32 Version: 11.0.06 - Adobe Systems)
Adobe AIR (x32 Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.600 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements (x32 Version: 1.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe SVG Viewer (x32 Version: 1.0 - Adobe Systems, Inc.)
AI Suite II (x32 Version: 1.02.27 - ASUSTeK Computer Inc.)
AIFF MP3 Converter v3.3 build 1049 (x32 Version:  - Hoo Technologies)
AimOne MP4 Cutter & Joiner V2.21 (x32 Version:  - AimOneSoft, Inc.)
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (Version: 8.59.29722 - Microsoft) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.4.000 - Asmedia Technology)
Audacity 1.2.6 (x32 Version:  - )
Audible Download Manager (x32 Version: 6.6.0.15 - Audible, Inc.)
AudioBookCreator (x32 Version: 08.12.2003 - AudioBookCreator.com)
Avery Wizard 4.0 (x32 Version: 4.0.103 - Avery)
AVS DVDMenu Editor 1.2.1.19 (x32 Version:  - Online Media Technologies Ltd.)
AVS Video Converter 5.6 (x32 Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.2 (x32 Version:  - Online Media Technologies Ltd.)
Belkin Setup and Router Monitor (x32 Version:  - )
Belkin USB Print and Storage Center (Version: 1.1.4 - Belkin International, Inc.)
Big Fish Games: Game Manager (x32 Version: 3.0.1.60 - )
Bigasoft Total Video Converter 3.7.21.4680 (x32 Version:  - Bigasoft Corporation)
BitTorrent (HKCU Version: 7.8.2.30332 - BitTorrent Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bullzip PDF Printer 4.0.0.463 (Version:  - Bullzip)
Camtasia Studio 8 (x32 Version: 8.3.0.1471 - TechSmith Corporation)
CCleaner (Version: 4.10 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32 Version:  - Microsoft)
DivX Setup (x32 Version: 2.6.1.22 - DivX, LLC)
Dragon NaturallySpeaking 11 (x32 Version: 11.50.100 - Nuance Communications Inc.)
Dream Chronicles 2 (x32 Version:  - PlayFirst, Inc.)
DreamScene Seven version 1.6 (x32 Version: 1.6 - DREAMSCENESEVEN.COM)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
DVD Shrink 3.2 (x32 Version:  - DVD Shrink)
DVDFab 8.1.7.6 (12/04/2012) Qt (x32 Version:  - Fengtao Software Inc.)
DVDFab HD Decrypter 3.1.4.0 (x32 Version:  - Fengtao Software Inc.)
EaseUS Partition Master 9.2.1 Home Edition (x32 Version:  - EaseUS)
Evernote v. 5.1 (x32 Version: 5.1.0.2217 - Evernote Corp.)
Fairway™ (x32 Version:  - )
FastStone Capture 5.3 (x32 Version: 5.3 - FastStone Soft)
Filedrop version 1.1.4 (x32 Version: 1.1.4 - Filedrop)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2 - FileZilla Project)
Game Jackal v5.2.0.0 (64 bit) (Version:  - SlySoft Inc.)
Getting Things Done Outlook Add-In (x32 Version: 3.2.31 - NetCentrics Corporation)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Google+ Auto Backup (HKCU Version: 1.0.22.105 - Google, Inc.)
Google+ Auto Backup (x32 Version: 1.0.21.81 - Google)
GPL Ghostscript Lite 9.06.15 (x32 Version:  - Free Distribution)
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1 - )
iCloud (Version: 3.1.0.40 - Apple Inc.)
InqScribe 2.2.1.253 (x32 Version:  - Inquirium, LLC)
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 8.0.1.1399 - Intel Corporation)
Intel® Network Connections 16.6.126.0 (Version: 16.6.126.0 - Intel)
Intel® Network Connections 16.6.126.0 (Version: 16.6.126.0 - Intel) Hidden
Intel® Processor Graphics (x32 Version: 10.18.10.3345 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 11.0.0.1032 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.23.219.2 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (x32 Version:  - Intel Corporation)
ISO Recorder (Version: 3.1.0 - Alex Feinman)
iTunes (Version: 11.1.4.62 - Apple Inc.)
IVONA 2 (x32 Version: 1.6.63 - IVONA Software Sp. z o.o.)
IVONA ControlCenter (x32 Version: 1.1.5 - IVONA Software Sp. z o.o.)
IVONA MiniReader (x32 Version:  - IVONA Software Sp. z o.o.)
IVONA Reader (x32 Version:  - IVONA Software Sp. z o.o.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
L&H TTS3000 British English (x32 Version:  - )
LinkedIn Outlook Connector (x32 Version: 1.1.10.0 - LinkedIn)
LogMeIn (x32 Version: 4.1.3426 - LogMeIn, Inc.)
Macromedia Dreamweaver 4 (x32 Version: 4.0 - Macromedia)
Macromedia Extension Manager (x32 Version: 1.2 - Macromedia)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (x32 Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Halo (x32 Version:  - Microsoft)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Project MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Project Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Project Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (x32 Version:  - )
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
MKVToolNix 6.1.0 (x32 Version: 6.1.0 - Moritz Bunkus)
Monopoly (x32 Version:  - )
MotoHelper 2.1.32 Driver 5.4.0 (x32 Version: 2.1.32 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.5.4090.2 - Motorola)
Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (x32 Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)
MP4 Cutter 1.0 (x32 Version:  - spgsoft.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0 - Microsoft Corporation)
Music Manager (HKCU Version:  - Google, Inc.)
Myst IV - Revelation (x32 Version: 1.03 - )
Nitro Reader 2 (Version: 2.5.0.36 - Nitro PDF Software)
Norton 360 (x32 Version: 21.1.0.18 - Symantec Corporation)
Norton One (x32 Version: 3.2.2.12 - Symantec Corporation)
Norton PC Checkup (x32 Version: 2.0.15.96 - Symantec Corporation)
NVIDIA PhysX (x32 Version: 9.10.0129 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Outlook Setup Tool (x32 Version: 2.1.15 - Starfield Technologies)
PCFriendly (x32 Version:  - )
PDFlite 0.8 (x32 Version: 0.8 - Amnis Technology Ltd)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (x32 Version: 3.9 - Google, Inc.)
Plex Media Server (x32 Version: 0.9.818 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.818 - Plex, Inc.) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (x32 Version: 5 - Nitro PDF Software)
Prism Video File Converter (x32 Version:  - NCH Software)
PunkBuster Services (x32 Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 9.2 - Qualcomm Atheros)
QuickBooks Premier: Professional Services Edition 2007 (x32 Version:  - )
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
realMyst: Masterpiece Edition (x32 Version:  - Cyan)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RedMon - Redirection Port Monitor (Version:  - )
Reflector (Version: 1.3.3.1 - Squirrels)
ResidualVM (x32 Version:  - The ResidualVM Team)
Safari (x32 Version: 5.34.57.2 - Apple Inc.)
ScanToPDF 4.1 (x32 Version:  - O Imaging Corporation)
SDK Debuggers (x32 Version: 8.59.29746 - Microsoft Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Slice Audio File Splitter (x32 Version:  - NCH Software)
Snagit 11 (x32 Version: 11.2.1 - TechSmith Corporation)
Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden
Switch Sound File Converter (x32 Version:  - NCH Software)
System Requirements Lab for Intel (x32 Version: 4.5.22.0 - Husdawg, LLC)
The Extractor (x32 Version: 1.4.3.2 - N00bsoft)
Total Recorder 8.4 Standard Edition (x32 Version:  - )
Tron: Evolution (x32 Version: 1.00.0000 - Disney Interactive Studios)
True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoDownloaderUltimate for Chrome (HKCU Version:  - Link64)
VideoPad Video Editor (x32 Version: 3.14 - NCH Software)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (Version: 11.0.200 - Nuance Communications Inc.)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WavePad Sound Editor (x32 Version:  - NCH Software)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29750 - Microsoft Corporation)
Windows Software Development Kit EULA (x32 Version: 8.59.25584 - Microsoft Corporations) Hidden
Windows XP Mode (Version: 1.3.7600.16423 - Microsoft Corporation)
WinHTTrack Website Copier 3.47-27 (x32 Version: 3.47.27 - HTTrack)
WPT Redistributables (x32 Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (x32 Version: 8.59.29722 - Microsoft) Hidden
wurdz (x32 Version:  - )
Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777 - Xiph.Org)
XMedia Recode version 3.1.5.5 (x32 Version: 3.1.5.5 - XMedia Recode)
XMind (x32 Version: 3.3.0 - XMind Ltd.)
Youtube Downloader HD v. 2.9.9.13 (x32 Version:  - YoutubeDownloaderHD.com)
 
==================== Restore Points  =========================
 
20-02-2014 18:25:32 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
20-02-2014 18:25:44 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
 
==================== Hosts content: ==========================
 
2009-07-13 19:34 - 2014-01-13 16:30 - 00000872 ____A C:\Windows\system32\Drivers\etc\hosts
54.225.95.126 gcbkfpidjhchgnokamccdemjfamackdh
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05D5162E-84AF-45A0-98D9-E44C8A8EA36B} - System32\Tasks\Digital Sites => C:\Users\WORDSM~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {05E400EC-7CB8-464A-A6F0-547E21C04C7E} - System32\Tasks\Norton One\Norton Error Analyzer => C:\Program Files (x86)\Norton One\Engine\3.2.2.12\SymErr.exe [2012-10-18] (Symantec Corporation)
Task: {0C03E496-E0D9-4731-8917-B0BD8EE00BA9} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-12-04] (RealNetworks, Inc.)
Task: {0F795EC4-BD5B-4944-8C8F-3414FD20B047} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {11C4EB01-80C6-43B2-A93F-E21772D7EEA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28] (Google Inc.)
Task: {1285ABA6-AED4-47FA-89CF-67CFA4703CF8} - System32\Tasks\DivX online update program => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2012-11-29] ()
Task: {12AC597D-5B39-4F0F-B742-F0C9ED80712B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {1DF51B8B-4E13-4DBF-8557-48294B81AE10} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {1FEF40D4-C80A-4940-AF2B-C6A8B62F4FCD} - System32\Tasks\{AFBCBAA6-B8A8-4A50-B85A-655119638D68} => G:\INSTALL.EXE
Task: {2240F070-83B7-4815-B187-7D3D5F47A7C1} - System32\Tasks\{DC3F328D-8B1B-4806-ABB0-0BF510559981} => G:\INSTALL.EXE
Task: {283A0170-33D6-45D3-BE44-A2A40D053524} - System32\Tasks\Norton One\Norton Error Processor => C:\Program Files (x86)\Norton One\Engine\3.2.2.12\SymErr.exe [2012-10-18] (Symantec Corporation)
Task: {2FE0A6DF-70F7-4D93-A1F7-0A3D1A02B55B} - System32\Tasks\{8C00C757-B199-4162-922E-66E9C2E35002} => F:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe
Task: {32EB6D1B-906D-4BBA-8130-C9790C412523} - System32\Tasks\{E4626667-23EB-4881-BD9A-8E322C325D43} => C:\DIASONIC\DVR-Explorer\DVR-Explorer.exe
Task: {3517720F-4665-4419-990F-601CAC6CAE4B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {392AC0FD-2E82-46A4-9D9F-CFAA1FD79789} - System32\Tasks\NCH Software\prismShakeIcon => C:\Program Files (x86)\NCH Software\Prism\Prism.exe [2012-11-19] (NCH Software)
Task: {3C96409B-2E3B-46D4-A151-4C2C26E8726B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {43AC11EF-D272-49E4-A548-EF80C3D501DB} - System32\Tasks\4832 => Wscript.exe C:\Users\WORDSM~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {44F23CD9-0323-4C17-AEB0-604716D0F463} - System32\Tasks\ASUS\i-Setup114129 => C:\Windows\Chipset\AsusSetup.exe [2010-09-07] (ASUSTeK Computer Inc.)
Task: {45773C5B-925B-44C2-B5A0-F6BE72EAF6CB} - System32\Tasks\{83D5AB29-A392-4C75-B9F0-7DFFA4336521} => G:\INSTALL.EXE
Task: {467F7577-3555-4DC1-A60E-746861A0A221} - System32\Tasks\{9CBF0E8D-5492-4D73-A07F-F7D4257D1C06} => F:\Program Files (x86)\Mindjet\MindManager 10\MindManager.exe
Task: {4792C96C-3248-4A5C-A738-E51E510D82F5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {495D74E1-765A-47B3-BF1D-98C739E6E2A2} - System32\Tasks\{983D63A4-4305-4B3D-98AA-5E31DCC665D6} => C:\Program Files (x86)\NCH Software\Switch\switch.exe [2012-09-07] (NCH Software)
Task: {498B64EF-2D84-46E5-8324-8F86DA9A3998} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {4DB3364F-5A77-4239-8379-70209181EBC2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2114272673-536018299-2031490470-1000UA => C:\Users\WordsmithLLC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.)
Task: {50006E93-1B20-4F2C-8AB9-3B806A059755} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {512B8D8F-5B9B-4EB9-B990-B4ABD7CBE8A1} - System32\Tasks\{B3E1DCC9-C594-4139-9731-DF3AC8C99B02} => C:\Users\WordsmithLLC\Downloads\Junction\junction.exe
Task: {512BEB8C-C5C4-4931-A5CE-339D8FC2A2B5} - System32\Tasks\{37180F31-F65E-41ED-9A1D-49372915498F} => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Program\natspeak.exe [2011-06-05] (Nuance Communications, Inc.)
Task: {51F0D209-004A-49EE-ACBB-FEE7014E4C1A} - System32\Tasks\{BC62D89C-85D4-4732-B500-D2DF956E6EB9} => G:\install.exe
Task: {52C46157-6009-4FBF-80AE-E4ED929FC5E9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2114272673-536018299-2031490470-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {53FDD076-D090-4F60-AD41-4266D6200C54} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {565F79BD-59B5-4F3E-87E6-51C9414B505B} - System32\Tasks\{C805F5CB-7A53-4457-B83B-DADF3BBA7EFC} => C:\Users\WordsmithLLC\Downloads\M402U_2305c.exe
Task: {5B356E80-1C21-4A77-B670-0067C8DFAAEC} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {5C3A8B8D-6641-48FA-9042-D3405E4684B2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2114272673-536018299-2031490470-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5FEF907E-BCEB-4662-B427-07A328535921} - System32\Tasks\{DA6BEC10-7D6B-4DC4-9FCE-D0F7CE587C43} => G:\INSTALL.EXE
Task: {60375746-7167-43D8-96D1-E3114063E4B0} - System32\Tasks\{49096464-045F-4650-AEEC-C8ADFCA02968} => F:\Program Files (x86)\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe
Task: {61DF5D98-1B36-40CA-A68A-288249EAB4C1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {6B62B037-961C-435B-8646-6A9C9DDF0BEA} - System32\Tasks\{65AA49FF-BCDC-4EC2-87BF-71933BCAE7C1} => F:\Program Files (x86)\Mindjet\MindManager 10\MindManager.exe
Task: {6E3A959D-700A-402D-B97A-041FC5148C44} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2114272673-536018299-2031490470-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7106F6EF-9D4D-4D91-A478-3FA6C8D39BC5} - System32\Tasks\{EBBF7983-3861-4EA4-8184-B15AB2BB26EF} => Z:\E - TO SORT\LostFiles1\A Paris Bedroom in Phoenix\Joey.Lisa.Paris.Bedroom.exe [2009-10-08] ()
Task: {7131BA9A-1D69-4A92-B838-5C7AFD7A5394} - System32\Tasks\{58034DE1-458B-4129-94D4-E1B849C3582C} => Z:\E - TO SORT\LostFiles1\A Paris Bedroom in Phoenix\Joey.Lisa.Paris.Bedroom.exe [2009-10-08] ()
Task: {71B43BF5-0EC3-4EB3-B17D-A2804C981E23} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2012-02-02] (ASUSTeK Computer Inc.)
Task: {7929F32A-C66D-4B6B-A628-97142CD0040A} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {79E22DB0-17B6-423F-A2E2-582438375416} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {79F73B35-7B19-490D-BBCE-DBB65D065940} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {7D356E3D-78F1-4680-932F-CEFE0F293556} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-01-30] (ASUSTeK Computer Inc.)
Task: {7EA98496-83FA-40B8-8A46-AB141EE06E35} - System32\Tasks\{87794E5D-079B-4CBB-8EEA-0C23F6084827} => Y:\Program Files (x86)\Motorola Media Link\Lite\MML.exe [2011-09-19] (Nero AG)
Task: {80753293-3988-41FE-8EAD-863871048F3A} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2011-12-30] (ASUSTeK Computer Inc.)
Task: {80CDE22C-6235-4D95-91F0-4566919C4697} - System32\Tasks\{9479E1DA-199C-4341-8693-B15DF943E839} => G:\INSTALL.EXE
Task: {863EBB9E-ED12-415E-8AAD-55B2447D90F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28] (Google Inc.)
Task: {883DC8F0-8757-4509-B8CF-3100119F4B9F} - System32\Tasks\{6B3C6232-01E2-4139-910E-8F80E11E0959} => Y:\Program Files\DVDFab 8 Qt\DVDFab.exe
Task: {8E443C96-BB14-4E65-8C3C-5822229DA92A} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2114272673-536018299-2031490470-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8E9F3E75-3697-4A38-A199-C9E3893E0BE1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {915AB882-EB76-45AD-83C0-FCBB3EEAC435} - System32\Tasks\{3F8159DB-151B-48F5-865A-8B762A7DEF85} => F:\Program Files (x86)\Mindjet\MindManager 10\MindManager.exe
Task: {98703838-D27B-45B3-8C1C-FD70D736D52A} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2114272673-536018299-2031490470-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9A4DB85D-4B98-4956-8D01-6292C4D48CC3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {9F4EBC32-2A80-430C-9B57-C0B517E26F9A} - System32\Tasks\{1BCEDFB0-2594-4607-849D-5B4189F34E48} => G:\autorun.exe
Task: {A157B2DC-FD05-4B59-9565-A35A31194475} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A94466B7-C34E-4BFD-A841-59BA1C0EF2C3} - System32\Tasks\{97DA4456-6B5A-4D0B-BC62-663B5DD6A3A9} => C:\Program Files (x86)\dvd43\DVD43_Tray.exe
Task: {AD5E17C8-7DF4-4BA1-9EC4-73D4438E2707} - System32\Tasks\{FEAD55C0-9213-4FD8-A691-8A10D763B94B} => F:\Program Files (x86)\Mindjet\MindManager 10\MindManager.exe
Task: {ADC69CC8-F1DD-4912-8600-0A911DFE0A1C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2114272673-536018299-2031490470-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B538F9EE-B1F8-4207-A16D-9BCE39681C51} - System32\Tasks\{1ED74F51-0C7F-42DA-9D02-41830DE5181D} => F:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe
Task: {BF08DC97-830E-42E8-B423-72762E9EF7B8} - System32\Tasks\{C5F31D31-2D94-415C-9650-1FC118E82965} => E:\Program Files (x86)\Intuit\QuickBooks 2007\QBW32PremierProfessional.exe
Task: {C0E916C5-1D06-4D9D-B9BC-A895F2983C3D} - System32\Tasks\{DD7993DC-2171-46AC-B7B9-EC824719439F} => G:\install.exe
Task: {C7BFB238-5A7C-42E4-9D91-99651EDCC531} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {C935AB2C-AF8E-4D21-A4FB-D2AFB8803811} - System32\Tasks\{3365E932-4614-4AE4-ADC7-B339F99F87D4} => C:\Users\WordsmithLLC\Downloads\Junction\junction.exe
Task: {C9CD7A77-BC30-467B-9294-3FF371ADAC43} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {CA44DB1C-28A9-4AF9-99B6-DFF22BA39A13} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {CA663EA9-86CB-48F3-BBD6-BC4ECA006C8E} - System32\Tasks\SwitchReminder => C:\Program Files (x86)\NCH Software\Switch\switch.exe [2012-09-07] (NCH Software)
Task: {CB7DF241-768D-47FC-ABCA-D216D954232D} - System32\Tasks\{471FC065-B062-4FF5-A723-AAEE4A822CB5} => Y:\Program Files (x86)\InterVideo\WCreator2\WCreator.exe
Task: {D0FF43B3-6732-4434-A6B4-0EAB896A665C} - System32\Tasks\{F85DD2C0-B6EC-42DA-ACEF-97A9916CA7F4} => C:\Program Files (x86)\dvd43\DVD43_Tray.exe
Task: {D7811948-DCA2-4924-B6EE-21B9E381695D} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2114272673-536018299-2031490470-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D87E3636-373F-44BC-9298-4CC9D8B0359B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E214B657-84CA-472C-A5F1-4D538183E4C0} - System32\Tasks\{8D3E9E2D-C0C2-4B55-A255-2A727F91FC50} => F:\Program Files (x86)\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe
Task: {E2D3464D-4D53-4885-A12E-9ACDA1228B32} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {E4CE45FD-07F9-4E7A-9AD0-534C9778FD0A} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {E5C317E9-003F-4EA2-831E-C71257A25802} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-06] (Microsoft Corporation)
Task: {E8B1AC62-A7CF-4119-9726-88C2C6E464D8} - System32\Tasks\{5AC4B140-D03E-4F15-AAD5-9FCB4E4177C5} => Y:\Program Files (x86)\UBISOFT\Myst IV - Revelation\bin\Myst4.exe [2005-02-17] ()
Task: {EF009314-36D7-4920-A349-1D22CDD647B1} - System32\Tasks\{3760DB12-EE3D-47C5-B0D0-0C79DB8CE094} => F:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe
Task: {F2BCD7C5-017D-4F3A-A0F5-4BE43C583DA0} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {F39774D9-A89E-449D-ACDA-B3AD9D9BFDBB} - System32\Tasks\{39EE839C-709E-47B6-94BB-19BF0D60B82F} => C:\Users\WordsmithLLC\Downloads\bigfishgames_fairway_pc.exe
Task: {F6D7B7BE-BCDC-44C8-8042-76D92CF06230} - System32\Tasks\Google Updater and Installer => C:\Users\WordsmithLLC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.)
Task: {F73B0B21-5DE1-4331-96F6-055FFF89BCF7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2114272673-536018299-2031490470-1000Core => C:\Users\WordsmithLLC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.)
Task: {F7BE5DB3-F9E5-401B-BAB8-BC5FCE54A80E} - System32\Tasks\{050E1741-8F53-4FC1-A3C7-FA40A815D8FC} => C:\Users\WordsmithLLC\Downloads\Junction\junction.exe
Task: {F83ED416-137D-42BD-813C-E17A863B68E1} - System32\Tasks\{44B8F59A-FF38-42AD-A235-DFCCB4ADF492} => Y:\Program Files (x86)\Nuance\NaturallySpeaking11\Program\natspeak.exe
Task: {FD1036A4-C7DE-46B8-8A67-A050B5F002A1} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\WORDSM~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2114272673-536018299-2031490470-1000Core.job => C:\Users\WordsmithLLC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2114272673-536018299-2031490470-1000UA.job => C:\Users\WordsmithLLC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SwitchReminder.job => C:\Program Files (x86)\NCH Software\Switch\switch.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-29 15:23 - 2011-02-28 15:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2012-09-24 20:11 - 2005-03-11 11:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2011-10-28 18:59 - 2011-10-28 18:59 - 00918448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
2012-09-22 13:29 - 2010-10-21 02:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-02-09 20:57 - 2011-04-19 16:31 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2014-02-09 20:57 - 2010-02-09 15:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2014-02-16 16:42 - 2013-10-30 09:41 - 04502200 _____ () Y:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe
2011-12-06 14:00 - 2011-12-06 14:00 - 00214896 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
2012-12-19 21:49 - 2012-12-19 21:49 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-10-17 11:23 - 2013-10-17 11:23 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-02 07:42 - 2010-01-02 07:42 - 00098304 _____ () y:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-10-12 10:57 - 2011-10-12 10:57 - 00328704 _____ () Y:\Program Files\Extractor\extcmh64.dll
2014-02-09 20:57 - 2011-04-19 16:31 - 00150016 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2011-12-06 14:00 - 2011-12-06 14:00 - 00784240 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
2012-08-28 14:37 - 2011-12-14 23:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-03 14:10 - 2014-01-17 16:41 - 00603648 _____ () C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-09 20:57 - 2012-02-23 15:57 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-22 13:25 - 2014-02-19 15:52 - 00030208 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\PEbiosinterface32.dll
2012-09-22 13:25 - 2010-06-28 19:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.18\ATKEX.dll
2011-09-19 15:57 - 2011-09-19 15:57 - 00128336 _____ () Y:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2011-09-19 15:57 - 2011-09-19 15:57 - 00023872 _____ () Y:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2011-09-19 15:59 - 2011-09-19 15:59 - 00465632 _____ () Y:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2011-09-19 15:57 - 2011-09-19 15:57 - 00045368 _____ () Y:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2011-09-19 15:57 - 2011-09-19 15:57 - 00034128 _____ () Y:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2012-11-29 14:59 - 2012-11-29 14:59 - 00093696 _____ () y:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2012-08-28 23:03 - 2012-08-28 23:03 - 03379200 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e5faad97\mscorlib.dll
2012-08-28 23:03 - 2012-08-28 23:03 - 01953792 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_1f25546c\system.dll
2012-08-23 00:42 - 2012-08-23 00:42 - 00435584 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2012-09-22 13:35 - 2012-02-01 18:20 - 00507904 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\MirrorOpSender.dll
2012-09-22 13:35 - 2011-08-16 19:31 - 00229376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\AudioProjection.dll
2012-09-22 13:35 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
2012-09-22 13:35 - 2012-01-30 13:57 - 00176128 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\DLCapPP.dll
2012-09-22 13:35 - 2011-08-09 14:52 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\awiscale.DLL
2012-09-22 13:35 - 2012-01-18 22:39 - 00073728 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\IsSupported.dll
2012-09-22 13:35 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
2012-09-22 13:35 - 2012-01-11 20:36 - 00708608 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
2012-09-22 13:35 - 2011-12-04 01:28 - 00655360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll
2012-09-22 13:34 - 2011-12-29 02:13 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00195720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00840840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00051848 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00089224 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 07605400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avcodec-54.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00202392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avutil-52.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 01453720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avformat-54.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00352920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\swscale-2.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00507528 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 08495240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00952968 _____ () C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 01291400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 01038984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll
2013-10-18 16:55 - 2013-10-18 16:55 - 25100288 _____ () C:\Users\WordsmithLLC\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00045192 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00028808 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00019080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00032392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00836744 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2013-12-23 21:17 - 2013-12-23 21:17 - 00192648 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00056456 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00018056 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00083080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00111752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2013-12-23 21:17 - 2013-12-23 21:17 - 00692360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2012-09-22 13:35 - 2011-10-28 17:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\pngio.dll
2012-08-23 00:32 - 2012-08-23 00:32 - 01525120 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\icudt38.dll
2014-02-09 20:57 - 2010-08-22 20:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2014-02-09 20:57 - 2010-08-22 20:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2014-02-09 20:57 - 2010-08-22 20:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2014-02-09 20:57 - 2010-08-22 20:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2014-02-09 20:57 - 2010-08-22 19:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2014-02-09 20:57 - 2012-02-23 15:19 - 00669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2012-09-22 13:34 - 2011-09-08 15:23 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2012-09-22 13:29 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-09-22 13:29 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-09-22 13:30 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2012-09-22 13:29 - 2011-09-20 18:11 - 00985600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-09-22 13:32 - 2011-12-29 20:45 - 01296384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2012-09-22 13:32 - 2012-02-03 10:12 - 01122304 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2012-09-22 13:32 - 2011-12-08 11:17 - 01046016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-09-22 13:29 - 2011-12-28 11:18 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-09-22 13:29 - 2011-09-26 18:37 - 01616384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-09-22 13:29 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-09-22 13:29 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-09-22 13:29 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-09-22 13:35 - 2012-02-02 11:11 - 01494016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\WiFiGO.dll
2012-09-22 13:25 - 2010-08-22 19:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2012-09-22 13:29 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-09-22 13:34 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2012-09-22 13:34 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
2012-09-22 13:34 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll
2012-09-22 13:29 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2012-09-22 13:32 - 2012-01-20 10:17 - 00150528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
2012-09-22 13:32 - 2012-02-02 15:12 - 00786432 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
2012-09-22 13:32 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
2014-02-12 03:25 - 2014-02-12 03:25 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-08-28 17:55 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-08-28 14:35 - 2012-01-20 11:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2012-08-28 16:43 - 2014-01-17 16:41 - 36967424 _____ () C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\libcef.dll
2013-10-03 14:10 - 2014-01-17 16:41 - 00887808 _____ () C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-10-03 14:10 - 2014-01-17 16:41 - 00109568 _____ () C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\libegl.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2003-09-26 15:49 - 2003-09-26 15:49 - 00438272 _____ () Y:\Program Files (x86)\AudioBookCreator.com\OutlookReader.dll
2013-12-20 23:04 - 2013-12-20 23:04 - 03989888 _____ () Y:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () Y:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2012-08-23 01:12 - 2012-08-23 01:12 - 00019840 _____ () Y:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2014-02-03 19:28 - 2014-02-01 16:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-03 19:28 - 2014-02-01 16:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-03 19:28 - 2014-02-01 16:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-03 19:28 - 2014-02-01 16:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-03 19:28 - 2014-02-01 16:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2013-05-31 03:08 - 2013-05-31 03:08 - 00032112 _____ () C:\Program Files (x86)\IVONA\IVONA Reader\IvonaIntegration.dll
2013-11-21 05:12 - 2013-11-21 05:12 - 00918376 _____ () C:\Program Files (x86)\IVONA\IVONA 2 Voice\x86\ivona_voice_v1_6_63.dll
2013-09-25 02:21 - 2013-09-25 02:21 - 01773568 _____ () C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_1\x86\QtCoreIVONA4.dll
2013-09-25 02:34 - 2013-09-25 02:34 - 06694912 _____ () C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_1\x86\QtGuiIVONA4.dll
2013-09-25 05:26 - 2013-09-25 05:26 - 00025600 _____ () C:\Program Files (x86)\IVONA\IVONA 2 Voice\Qt_4_6_3_1\x86\QtSolutions_MFCMigrationFramework-2.8_IVONA.dll
2013-10-10 13:21 - 2013-10-10 13:21 - 03059584 _____ () C:\Program Files (x86)\IVONA\IVONA 2 Voice\voices\voice_en_gb_emma.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:0E22C5DB
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8
AlternateDataStreams: C:\ProgramData\Temp:B3606FCC
AlternateDataStreams: C:\Users\WordsmithLLC\AppData\Roaming\Comma Separated Values (Windows).EML:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk => C:\Windows\pss\InterVideo WinCinema Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Database Server Manager.lnk => C:\Windows\pss\QuickBooks Database Server Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^WordsmithLLC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AdAwareTray => "Y:\Program Files\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EaseUS EPM tray => y:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "Z:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LGODDFU => "e:\Program Files (x86)\lg_fwupdate\lgfw.exe" blrun
MSCONFIG\startupreg: MusicManager => "C:\Users\WordsmithLLC\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\WordsmithLLC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: vdultimate_chrome => C:\ProgramData\VideoDownloaderUltimate\Chrome\vdultimate.exe /checkforupdate
MSCONFIG\startupreg: Verbose => "C:\Program Files (x86)\NCH Software\Verbose\verbose.exe" -logon
 
==================== Faulty Device Manager Devices =============
 
Name: Atheros AR9485 Wireless Network Adapter
Description: Atheros AR9485 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/20/2014 11:07:10 AM) (Source: Application Hang) (User: )
Description: The program Ivona_MiniReader_inst_wi_ne.exe version 1.0.13.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2de0
 
Start Time: 01cf2e658873b83d
 
Termination Time: 1
 
Application Path: C:\Users\WordsmithLLC\Downloads\Ivona_MiniReader_inst_wi_ne.exe
 
Report Id: cd5a6139-9a59-11e3-99eb-c86000be374a
 
Error: (02/20/2014 09:05:46 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (02/20/2014 09:05:46 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (02/19/2014 04:10:23 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (02/19/2014 04:10:23 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (02/19/2014 03:53:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: AppleIEDAV.exe, version: 1.2.12.0, time stamp: 0x52867716
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x00033e3d
Faulting process id: 0x1728
Faulting application start time: 0xAppleIEDAV.exe0
Faulting application path: AppleIEDAV.exe1
Faulting module path: AppleIEDAV.exe2
Report Id: AppleIEDAV.exe3
 
Error: (02/19/2014 03:14:46 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (02/19/2014 03:14:46 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (02/19/2014 02:58:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: AppleIEDAV.exe, version: 1.2.12.0, time stamp: 0x52867716
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x00033e3d
Faulting process id: 0x1680
Faulting application start time: 0xAppleIEDAV.exe0
Faulting application path: AppleIEDAV.exe1
Faulting module path: AppleIEDAV.exe2
Report Id: AppleIEDAV.exe3
 
 
System errors:
=============
Error: (02/20/2014 03:02:13 AM) (Source: DCOM) (User: )
Description: {DD100006-6205-11CF-AE61-0000E8A28647}
 
Error: (02/19/2014 05:34:12 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (02/19/2014 03:57:46 PM) (Source: DCOM) (User: )
Description: {DD100006-6205-11CF-AE61-0000E8A28647}
 
Error: (02/19/2014 03:54:06 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/19/2014 03:18:35 PM) (Source: DCOM) (User: )
Description: {DD100006-6205-11CF-AE61-0000E8A28647}
 
Error: (02/19/2014 02:58:54 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (02/20/2014 11:07:10 AM) (Source: Application Hang)(User: )
Description: Ivona_MiniReader_inst_wi_ne.exe1.0.13.02de001cf2e658873b83d1C:\Users\WordsmithLLC\Downloads\Ivona_MiniReader_inst_wi_ne.execd5a6139-9a59-11e3-99eb-c86000be374a
 
Error: (02/20/2014 09:05:46 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (02/20/2014 09:05:46 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000008771000009030000
 
Error: (02/19/2014 04:10:23 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (02/19/2014 04:10:23 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance163707000000000000CB70000009030000
 
Error: (02/19/2014 03:53:17 PM) (Source: Application Error)(User: )
Description: AppleIEDAV.exe1.2.12.052867716ntdll.dll6.1.7601.18247521ea8e7c000000500033e3d172801cf2dc55c91edd8C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exeC:\Windows\SysWOW64\ntdll.dll9edb62bd-99b8-11e3-99eb-c86000be374a
 
Error: (02/19/2014 03:14:46 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (02/19/2014 03:14:46 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000F70000009030000
 
Error: (02/19/2014 02:58:02 PM) (Source: Application Error)(User: )
Description: AppleIEDAV.exe1.2.12.052867716ntdll.dll6.1.7601.18247521ea8e7c000000500033e3d168001cf2dbda4cb940dC:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exeC:\Windows\SysWOW64\ntdll.dlle69b2ef1-99b0-11e3-a617-c86000be374a
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-20 08:38:31.439
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-19 15:52:55.825
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-19 15:42:06.932
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-19 15:30:53.203
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-19 15:25:36.914
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-19 14:56:29.822
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-19 14:50:07.476
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-19 14:40:03.680
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-19 14:30:41.915
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-19 14:11:26.463
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 29%
Total physical RAM: 16071.05 MB
Available physical RAM: 11301.76 MB
Total Pagefile: 25104.99 MB
Available Pagefile: 20089.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: (Windows 7 Pro) (Fixed) (Total:98.36 GB) (Free:2.11 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Empty. Uninstall this old Drive.) (Fixed) (Total:128 GB) (Free:118.13 GB) NTFS
Drive f: (Work. Play. Fast.) (Fixed) (Total:140.01 GB) (Free:125.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive y: (1TB Seagate) (Fixed) (Total:931.51 GB) (Free:46.52 GB) NTFS
Drive z: (Music. Pictures. Sedentary Stuff) (Fixed) (Total:148.98 GB) (Free:30.64 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 186 GB) (Disk ID: 439862D7)
Partition 1: (Active) - (Size=186 GB) - (Type=0C)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: DB6035B0)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 6CC1DB7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=140 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:00 AM

Posted 21 February 2014 - 07:58 AM



Hello JoeyRobertParks

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 JoeyRobertParks

JoeyRobertParks
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:00 AM

Posted 21 February 2014 - 03:22 PM

Okay, Gringo. I ran the two programs as you instructed. My system appears to be running much faster. Google Chrome says the Bee Coupon extension is gone. Awesome!

 

Anyway, here's the reports, so you can have a look:

 

*** ADWCLEANER REPORT ***
 
 
# AdwCleaner v3.019 - Report created 21/02/2014 at 11:55:39
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : WordsmithLLC - WORDSMITHLLC-PC
# Running from : C:\Users\WordsmithLLC\Desktop\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\TechSmith
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
Folder Deleted : C:\Program Files (x86)\Bench
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Users\WordsmithLLC\AppData\Local\emaze
Folder Deleted : C:\Users\WordsmithLLC\AppData\Local\TechSmith
Folder Deleted : C:\Users\WordsmithLLC\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\WordsmithLLC\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\WordsmithLLC\AppData\Roaming\TechSmith
File Deleted : C:\Users\WordsmithLLC\AppData\Roaming\Mozilla\Firefox\Profiles\alo3tkyk.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Windows\System32\Tasks\NCH Software
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKCU\Software\caphyon
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKLM\Software\Bench
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\Software\NCH Software
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\WordsmithLLC\AppData\Roaming\Mozilla\Firefox\Profiles\alo3tkyk.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.117
 
[ File : C:\Users\WordsmithLLC\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [14680 octets] - [16/02/2014 19:34:38]
AdwCleaner[R1].txt - [2363 octets] - [21/02/2014 11:53:17]
AdwCleaner[S0].txt - [14953 octets] - [16/02/2014 19:36:02]
AdwCleaner[S1].txt - [2220 octets] - [21/02/2014 11:55:39]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2280 octets] ##########
 
*** JUNKWARE REMOVEAL TOOL REPORT ***
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by WordsmithLLC on Fri 02/21/2014 at 12:02:25.92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 02/21/2014 at 12:07:51.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:00 AM

Posted 21 February 2014 - 04:09 PM


Hello JoeyRobertParks

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:00 AM

Posted 27 February 2014 - 08:49 AM



Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:00 AM

Posted 03 March 2014 - 07:16 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users