Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Massive popups with Windows 7


  • This topic is locked This topic is locked
24 replies to this topic

#1 fourforfore

fourforfore

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 05 April 2014 - 05:56 PM

I know that a lot of people have covered this topic, but I couldn't find a fix for windows 7 Home.

 

I tried using 'Hijack This' but it was unable to find an internet connection.

 

So I used Malwarebytes to obtain a log.

 

I hope it's complete enough.

 

Thanks, in advance, for any help.

 

 

 

 

 

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.04.05.04
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Owner :: OWNER-PC [administrator]
 
Protection: Disabled
 
4/5/2014 2:12:37 PM
mbam-log-2014-04-05 (14-12-37).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 226129
Time elapsed: 12 minute(s), 28 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 6
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKCU\Software\ilividmoviestoolbar181 (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\The weDownload Manager (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
HKLM\Software\The weDownload Manager (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\The weDownload Manager (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bad: (http://search.conduit.com/?gd=&ctid=CT3324776&octid=EB_ORIGINAL_CTID&ISID=M8BDF673A-71C0-4394-93AC-F0C5AC5C1213&SearchSource=55&CUI=&UM=5&UP=SP9061B45B-1802-4030-97D2-A813CD3E9E7A&SSPV=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
 
Folders Detected: 122
C:\ProgramData\Datamngr (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0 (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\userCode (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\icons (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\icons\actions (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\api (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\popupResource (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0 (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\avira (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\imesh (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\mindspark (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\plain (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\taskbar (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\v5parity (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\logo (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\newtab (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\search (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-born-star (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-movies (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-reviews (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-trailers (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-video-tools (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\search-box-imesh (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\search-box-imesh\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\lib (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\hack (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\shims (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\rebuttal (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\rebuttal\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\search-suggestion (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\css\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0 (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\avira (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\imesh (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\mindspark (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\plain (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\taskbar (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\v5parity (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\logo (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\newtab (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\search (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-born-star (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-movies (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-reviews (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-trailers (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-video-tools (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\search-box-imesh (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\search-box-imesh\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\lib (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\hack (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\shims (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\rebuttal (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\rebuttal\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\search-suggestion (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\css\images (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\The weDownload Manager (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
 
Files Detected: 577
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Documents\Downloads\aTube_Catcher_5188_ATU3.exe (PUP.Optional.Spigot.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Documents\Downloads\CalculatorSetup.exe (PUP.Optional.Inbox) -> Quarantined and deleted successfully.
C:\Users\Owner\Documents\Downloads\iLividSetup-r0-n-bc (1).exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\Owner\Documents\Downloads\iLividSetup-r0-n-bc.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\Owner\Documents\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\Owner\Documents\Downloads\InstallConverter_brch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2444541379-1693892906-2716229256-1000\$RJ2XQCN.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\MhQK_5tp.exe.part (PUP.Optional.AirAdInstaller) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsb449D.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsb73E4.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsc835A.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nse28B6.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsg8302.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsk4095.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsm26E7.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsm8F14.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsmE7B7.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nso6EC2.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsp8C99.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nspE303.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsu2213.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsx87F4.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsy3C6D.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsy78F6.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsz88BA.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\83de2c33-3fce-4e7d-a9c5-38aec04836fa\software\sp-downloader.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\is-LI8FF.tmp\BuenoSearchTB.exe (PUP.Optional.ToolBarInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsjEE78\SpSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nsl5816\SpSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\nswC859\SpSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Downloads\google earth setup (1).exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Downloads\google earth setup.exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\44SENFZS\spstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\4DDXCJU7\stubinst_pkg_en-us[1].cab (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\7YVBIVX3\searchprotect1204[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\BVI8AW6O\SPIdentifierImpl[1].exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\BVI8AW6O\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\G8ID9HMI\OfferBrokerage_14220I[1].exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.
C:\Windows\Tasks\ea727281-8281-467f-bafd-cf5fb6f1777a-1.job (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\ea727281-8281-467f-bafd-cf5fb6f1777a-3.job (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\ea727281-8281-467f-bafd-cf5fb6f1777a-4.job (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\ea727281-8281-467f-bafd-cf5fb6f1777a-5.job (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\ProgramData\Datamngr\coordinator.cfg (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\ProgramData\Datamngr\general.cfg (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\ProgramData\Datamngr\S-1-5-21-2444541379-1693892906-2716229256-1000.cfg (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\background.html (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\chromeCoreFilesIndex.txt (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\crossriderManifest.json (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\manifest.json (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\popup.html (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\manifest.xml (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins.json (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\1.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\102.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\103.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\104.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\105.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\123.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\13.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\14.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\155.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\17.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\177.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\182.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\183.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\184.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\19.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\191.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\207.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\21.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\22.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\223.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\226.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\230.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\233.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\246.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\28.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\4.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\47.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\5.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\64.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\7.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\72.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\78.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\80.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\9.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\91.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\93.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\plugins\97.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\userCode\background.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\extensionData\userCode\extension.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\icons\icon128.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\icons\icon16.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\icons\icon48.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\icons\actions\1.png (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\background.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\main.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\platformVersion.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\api\chrome.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\api\cookie.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\api\message.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\api\monitor.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\api\pageAction.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\api\pageActionBG.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\app_api.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\bg_app_api.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\consts.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\cookie_store.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\crossriderAPI.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\delegate.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\events.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\extensionDataStore.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\installer.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\logFile.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\logging.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\onBGDocumentLoad.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\reports.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\storageWrapper.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\updateManager.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\util.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\xhr.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\popupResource\newPopup.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.56_0\js\lib\popupResource\popup.js (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\icon.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\manifest.json (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\background-options.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\background.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\background.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\browser-action.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\cache-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\ChromeUtilPlugin.dll (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\cookies.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\feeds.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\fixup-jquery-for-ie.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\history.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\ie-bg-shim.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\init-bg-messaging.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\keywordSearch.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\lifecycle.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\localStorage.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\OneTimeCode.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\popup.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\preference.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\rebuttal.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\registry.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\reporting.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\search.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\security.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\sideByside.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\tabs.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\background\utils.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\build.json (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\lang-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\tb-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\test-widget-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\widget-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\chrome-options.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\content-script.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\init-tb-stuff.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\new-tab-page.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\newtab-overlay.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\newtab-subscript.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\toolbar.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\toolbar.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widget-bundled.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widget-hosted.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\chrome-options.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\containers.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\hp-new-tab.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\new-tab.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\searchbox.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\toolbar.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\avira\avira.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\imesh\imesh.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\mindspark\mindspark.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\mindspark\new-search-button-mid.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\mindspark\new-search-button-sides.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\plain\plain.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\taskbar\taskbar.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\css\themes\v5parity\v5parity.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\IDR_WEBSTORE_ICON.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\logo\logo_128x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\logo\logo_19x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\logo\logo_24x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\logo\logo_32x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\logo\logo_grey_19x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\logo\toolbar-icons.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\newtab\homepage_logo.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\newtab\thirdparty_icons.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\search\btn_search_ask_taskbar.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\search\logo_cobrand_18px.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\search\logo_cobrand_24px.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\search\new-search-button-mid.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\search\new-search-button-sides.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\search\search-button-mid.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\search\search-button-sides.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_1.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_10.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_10plus.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_2.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_3.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_4.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_5.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_6.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_7.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_8.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_9.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_exclaim.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\badge_numbers.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\bdg-gradient.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\bg.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\curved-divider.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\images\vanilla\left-bg.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-born-star\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-movies\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-movies\movies_128x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-movies\movies_19x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-movies\movies_24x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-movies\movies_32x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-movies\movies_grey_19x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-reviews\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-trailers\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-video-tools\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-video-tools\free_mp3_cutter_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-video-tools\movies_CD_Burner_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-video-tools\movies_FLV_Converter_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-video-tools\movies_FLV_Player_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-video-tools\movies_Free_MP3_WMA_Convertor_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\imesh-video-tools\movies_Free_Video_Converter_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\search-box-imesh\images\ask.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\search-box-imesh\images\btn-search.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\about.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\background.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\preferences.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\css\style.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\logo.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\options-main.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\options-search.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\options-widgets.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\about.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\background.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\controller.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\dateFormat.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\lib\utilities.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\content-script.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\injector.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\inline-html.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\notify-presence.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\positioning.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\toolbar.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\widget-hosted.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\widget.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\hack\facebook.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\hack\relative.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\content_script\hack\static.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\async-gate.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\browser-shim.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\constant.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\DataStore.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\default-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\i18n.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\jquery.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\json.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\polyfill.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\protocol.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\state-machine.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\tb-config-update.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\tb-message.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\widget-config-update.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\widget-messaging.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\window-position.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\lib\shims\console.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\chrome-options.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\ieCS.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\IFrameButton.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\init-toolbar.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\new-tab-page.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\rebuttal.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\reel.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\searchbox.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\shimIE.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\SimpleButton.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\tb_ux\toolbar.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\options.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\options.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\options.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\images\button-blue-1x20.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\images\button-grey-1x26.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\images\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\images\icons.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\options\images\lightblue-1x43.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\rebuttal\rebuttal.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\rebuttal\rebuttal.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\rebuttal\rebuttal.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\rebuttal\images\warning.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\search-suggestion\search-suggestion.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\search-suggestion\search-suggestion.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\search-suggestion\search-suggestion.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\feed.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\menu.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\css\menu.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\css\images\footer_gradient.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\css\images\footer_shadow.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\css\images\image_placeholder.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\css\images\item-bg.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\js\api.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\js\feed.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\29.1_0\widgets\templates\js\menu.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\icon.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\manifest.json (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\background-options.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\background.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\background.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\browser-action.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\cache-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\cookies.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\feeds.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\fixup-jquery-for-ie.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\history.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\ie-bg-shim.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\init-bg-messaging.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\keywordSearch.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\lifecycle.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\localStorage.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\OneTimeCode.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\popup.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\preference.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\rebuttal.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\registry.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\reporting.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\search.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\security.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\sideByside.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\tabs.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\background\utils.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\build.json (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\lang-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\tb-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\test-widget-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\widget-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\chrome-options.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\content-script.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\init-tb-stuff.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\new-tab-page.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\newtab-overlay.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\newtab-subscript.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\toolbar.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\toolbar.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widget-bundled.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widget-hosted.xul (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\chrome-options.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\containers.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\hp-new-tab.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\new-tab.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\searchbox.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\toolbar.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\avira\avira.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\imesh\imesh.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\mindspark\mindspark.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\mindspark\new-search-button-mid.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\mindspark\new-search-button-sides.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\plain\plain.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\taskbar\taskbar.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\css\themes\v5parity\v5parity.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\IDR_WEBSTORE_ICON.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\logo\logo_128x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\logo\logo_19x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\logo\logo_24x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\logo\logo_32x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\logo\logo_grey_19x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\logo\toolbar-icons.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\newtab\homepage_logo.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\newtab\thirdparty_icons.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\search\btn_search_ask_taskbar.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\search\logo_cobrand_18px.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\search\logo_cobrand_24px.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\search\new-search-button-mid.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\search\new-search-button-sides.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\search\search-button-mid.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\search\search-button-sides.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_1.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_10.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_10plus.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_2.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_3.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_4.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_5.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_6.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_7.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_8.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_9.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_exclaim.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\badge_numbers.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\bdg-gradient.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\bg.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\curved-divider.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\images\vanilla\left-bg.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-born-star\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-movies\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-movies\movies_128x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-movies\movies_19x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-movies\movies_24x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-movies\movies_32x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-movies\movies_grey_19x.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-reviews\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-trailers\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-video-tools\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-video-tools\free_mp3_cutter_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-video-tools\movies_CD_Burner_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-video-tools\movies_FLV_Converter_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-video-tools\movies_FLV_Player_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-video-tools\movies_Free_MP3_WMA_Convertor_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\imesh-video-tools\movies_Free_Video_Converter_36.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\search-box-imesh\images\ask.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\search-box-imesh\images\btn-search.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\about.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\background.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\preferences.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\uninstallInfo.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\css\style.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\logo.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\options-main.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\options-search.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\images\options-widgets.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\about.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\background.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\controller.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\dateFormat.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\uninstallInfo.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\config\skin\widgets\toolbar-options_imesh_movie_lvd2-dtx\js\lib\utilities.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\content-script.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\injector.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\inline-html.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\notify-presence.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\positioning.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\toolbar.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\widget-hosted.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\widget.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\hack\facebook.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\hack\relative.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\content_script\hack\static.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\async-gate.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\browser-shim.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\constant.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\DataStore.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\default-config.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\i18n.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\jquery.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\json.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\polyfill.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\protocol.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\state-machine.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\tb-config-update.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\tb-message.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\widget-config-update.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\widget-messaging.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\window-position.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\lib\shims\console.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\chrome-options.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\ieCS.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\IFrameButton.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\init-toolbar.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\new-tab-page.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\rebuttal.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\reel.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\searchbox.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\shimIE.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\SimpleButton.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\tb_ux\toolbar.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options\options.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options\options.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options\options.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options\images\button-blue-1x20.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options\images\button-grey-1x26.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options\images\button.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options\images\icons.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\options\images\lightblue-1x43.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\rebuttal\rebuttal.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\rebuttal\rebuttal.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\rebuttal\rebuttal.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\rebuttal\images\warning.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\search-suggestion\search-suggestion.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\search-suggestion\search-suggestion.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\search-suggestion\search-suggestion.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\feed.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\menu.html (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\css\menu.css (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\css\images\footer_gradient.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\css\images\footer_shadow.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\css\images\image_placeholder.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\css\images\item-bg.png (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\js\api.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\js\feed.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\32.3_0\widgets\templates\js\menu.js (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\The weDownload Manager\49074.crx (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\The weDownload Manager\49074.xpi (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\The weDownload Manager\ea727281-8281-467f-bafd-cf5fb6f1777a-3.exe (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\The weDownload Manager\ea727281-8281-467f-bafd-cf5fb6f1777a-4.exe (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\The weDownload Manager\ea727281-8281-467f-bafd-cf5fb6f1777a-5.exe (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\The weDownload Manager\The weDownload Manager.ico (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\The weDownload Manager\Uninstall.exe (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\The weDownload Manager\utils.exe (PUP.Optional.weDownload.A) -> Quarantined and deleted successfully.
 
(end)
 


BC AdBot (Login to Remove)

 


m

#2 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:11 AM

Posted 05 April 2014 - 06:00 PM

:welcome:

Hello fourforfore,

my name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 fourforfore

fourforfore
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 05 April 2014 - 06:53 PM

Hi Jo,

 

Here are the logs you requested.

 

Gerry

 

 

 

 

 

 

 Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2014   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Adobe Flash Player 12.0.0.77  
 Adobe Reader 7  
 Adobe Reader XI  
 Mozilla Firefox (28.0) 
 Mozilla Thunderbird (24.4.0) 
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.1.5354.0\AdAwareTray.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
 
 
 
 
 
 

OTL logfile created on: 4/5/2014 4:35:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.97 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 61.99% Memory free
3.93 Gb Paging File | 2.62 Gb Available in Paging File | 66.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 148.30 Gb Free Space | 63.70% Space Free | Partition Type: NTFS
Drive E: | 931.50 Gb Total Space | 827.31 Gb Free Space | 88.81% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Owner\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\JGsoft\EditPadPro6\EditPadPro.exe (Just Great Software)
PRC - C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\Password Keychain\Passkeychain.exe (NFX Technologies)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (LavasoftAdAwareService11) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe ()
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (gzflt) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys (BitDefender LLC)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvolwin7.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaywin7.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirwin7.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfswin7.sys (Microsoft Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (bcm44amd64) -- C:\Windows\SysNative\drivers\b44amd64.sys (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (pfc) -- C:\Windows\SysWOW64\drivers\pfc.sys (Padus, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Conduit Search"
FF - prefs.js..browser.search.selectedEngine: "Conduit Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://foodtoolz.com/"
FF - prefs.js..extensions.enabledAddons: b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a%404bb97481-aead-4c2e-a62b-e25e264651bb.com:0.94.56
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/03/21 18:52:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/29 15:12:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/29 15:12:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/29 15:12:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/29 15:12:03 | 000,000,000 | ---D | M]
 
[2014/03/20 17:35:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2014/04/04 12:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions
[2014/04/05 07:46:35 | 000,000,000 | ---D | M] ("The weDownload Manager") -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com
[2014/04/05 07:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData
[2014/04/05 07:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins
[2014/04/05 07:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\userCode
[2014/03/29 15:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/03/29 15:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/29 15:12:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/05/16 18:00:12 | 000,046,856 | ---- | M] (E-Book Systems.) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOpf.dll
[2014/03/21 18:52:04 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://foodtoolz.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Entanglement Web App = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\3.4.9_0\
CHR - Extension: WOT = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.11_0\
CHR - Extension: WOT = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.13_0\
CHR - Extension: WOT = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.6_0\
CHR - Extension: HootSuite Hootlet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn\4.1.2_0\
CHR - Extension: Webpage Screenshot = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\13.7_0\
CHR - Extension: AT_Hifana = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehkcjloafcfdoghagnjkcjpkgodpbglb\2_0\
CHR - Extension: Yahoo! Toolbar for Chrome = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.41_0\
CHR - Extension: Yahoo! Toolbar for Chrome = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.87_0\
CHR - Extension: avast! Online Security = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2016.82_0\
CHR - Extension: Page Refresh = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmooaemjmediafeacjplpbpenjnpcneg\1.1.6_0\
CHR - Extension: RealDownloader = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: Poppit = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Google Mail Checker = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Google Wallet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: SEO for Chrome = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Password Keychain] C:\Program Files (x86)\Password Keychain\Passkeychain.exe (NFX Technologies)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [XReminder] C:\Program Files (x86)\Impression eStudio\XReminder\XReminder.exe (Impression eStudio)
O4 - HKCU..\Run: [DellSystemDetect] C:\Users\Owner\AppData\Local\Apps\2.0\ROPOJ28D.2B0\7PTXV080.J05\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe (Dell)
O4 - HKCU..\Run: [Lavasoft AdBlock] C:\Program Files (x86)\Lavasoft\Ad-Aware AdBlocker (Alpha)\AdBlocker.exe File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\Run: [XReminder] C:\Program Files (x86)\Impression eStudio\XReminder\XReminder.exe (Impression eStudio)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Efficient Reminder Free.lnk = E:\Program Files\Efficient Reminder Free\EfficientReminderFree.exe (Efficient Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6325F92E-2FB3-4B25-89FD-BB6A51872803}: DhcpNameServer = 192.168.1.1
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/14 09:48:11 | 000,000,097 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/05 14:29:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\VIRUS
[2014/04/05 14:07:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2014/04/05 14:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/04/05 14:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/05 14:07:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/05 14:07:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/04/05 13:02:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Activeris
[2014/04/05 12:01:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
[2014/04/05 12:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/04/05 12:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/04/05 12:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/04/05 11:20:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Gadwin
[2014/04/05 11:20:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Gadwin
[2014/04/05 11:20:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin
[2014/04/05 11:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Gadwin
[2014/04/05 10:58:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\SearchProtect
[2014/04/05 10:09:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2014/04/05 10:09:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2014/04/04 12:37:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/04 08:02:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Lavasoft
[2014/04/04 07:45:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Lavasoft
[2014/04/04 07:45:38 | 000,450,616 | ---- | C] (Lavasoft Limited) -- C:\Windows\SysNative\LavasoftProxy64.dll
[2014/04/04 07:45:30 | 000,357,432 | ---- | C] (Lavasoft Limited) -- C:\Windows\SysWow64\LavasoftProxy.dll
[2014/04/04 07:45:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2014/04/04 07:36:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/04/04 07:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/04/03 13:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2014/04/03 13:27:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Diagnostics
[2014/04/03 08:55:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Macromedia
[2014/04/03 08:55:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Macromedia
[2014/03/31 12:58:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\EMAIL IMAGES
[2014/03/30 15:41:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PIX
[2014/03/30 14:50:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\vlc
[2014/03/30 10:28:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\E-mail Setups
[2014/03/29 15:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/27 16:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thinking BIG
[2014/03/27 16:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Font Viewer
[2014/03/26 17:13:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Help
[2014/03/26 17:13:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Help
[2014/03/26 17:12:10 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftsrch.dll
[2014/03/26 17:12:10 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftsrch.dll
[2014/03/26 17:12:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx041e.dll
[2014/03/26 17:12:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx041e.dll
[2014/03/26 17:12:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx0411.dll
[2014/03/26 17:12:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx0411.dll
[2014/03/26 17:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2014/03/26 16:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2014/03/26 13:19:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AdobeUM
[2014/03/25 15:43:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ilividmoviestoolbar181
[2014/03/25 14:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Analog Devices
[2014/03/25 14:26:17 | 000,386,048 | ---- | C] (Analog Devices, Inc.) -- C:\Windows\SysNative\drivers\ADIHdAud.sys
[2014/03/25 14:26:17 | 000,034,816 | ---- | C] (Analog Devices, Inc.) -- C:\Windows\SysNative\SmaxCo.dll
[2014/03/25 14:26:17 | 000,000,000 | ---D | C] -- C:\dell
[2014/03/25 14:23:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2014/03/25 14:23:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Apps
[2014/03/25 14:23:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Deployment
[2014/03/25 11:42:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Adobe
[2014/03/23 22:37:58 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/03/23 11:37:36 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/03/23 11:37:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/03/23 11:37:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/03/23 11:37:33 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/03/23 11:37:33 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/03/23 11:37:33 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/03/23 11:37:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/03/23 11:37:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/03/23 11:37:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/03/23 11:37:32 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/23 11:37:31 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/03/23 11:37:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/03/23 11:37:30 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/03/23 11:37:30 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/03/23 11:37:29 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/03/23 11:37:29 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/03/23 11:37:29 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/03/23 11:37:29 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/03/23 11:37:28 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/03/23 11:37:28 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/03/23 11:37:27 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/23 11:37:27 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/03/23 11:37:26 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/03/23 11:37:26 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/03/22 18:47:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/03/22 17:11:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\SoftGrid Client
[2014/03/22 17:11:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SoftGrid Client
[2014/03/22 14:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2014/03/22 14:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPCSIGN Pro 2010
[2014/03/22 14:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SignMax
[2014/03/22 14:53:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\InstallShield
[2014/03/22 10:54:30 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/03/22 10:50:52 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/03/22 10:50:48 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/03/22 10:50:48 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/03/22 10:50:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/03/22 10:50:46 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/03/22 10:50:46 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/03/22 10:50:46 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/03/22 10:50:46 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/03/22 10:50:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/03/22 10:50:45 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/03/22 10:50:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/03/22 10:50:44 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/03/22 10:50:44 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/03/22 10:50:44 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/03/22 10:50:43 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/03/22 10:50:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/03/22 10:50:42 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/03/22 10:50:42 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/03/22 10:50:41 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/22 10:50:41 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/03/22 10:50:41 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/03/22 10:50:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/03/22 10:50:41 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/03/22 10:50:40 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/03/22 10:50:40 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/03/22 10:50:40 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/03/22 10:50:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/03/22 10:50:39 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/03/22 10:50:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/03/22 10:50:38 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/03/22 10:50:38 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/03/22 10:50:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/03/22 10:50:37 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/03/22 10:50:37 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/03/22 10:50:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/03/22 10:50:37 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/03/22 10:50:36 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/03/22 10:50:36 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/03/22 10:50:36 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/03/22 10:50:35 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/03/22 10:50:35 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/03/22 10:50:34 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/03/22 10:50:34 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/03/22 10:50:33 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/03/22 10:50:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/03/22 10:50:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/03/22 10:50:32 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/03/22 10:50:32 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/03/22 10:50:31 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/03/22 10:50:31 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/03/22 10:50:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/03/22 10:50:30 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/22 10:50:30 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/03/22 10:50:30 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/03/22 10:50:30 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/03/22 10:17:39 | 000,095,232 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxwia52.dll
[2014/03/22 10:17:39 | 000,004,608 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxwiaml.dll
[2014/03/22 10:17:38 | 000,161,280 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxuin52.dll
[2014/03/22 10:04:05 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msrepl35.dll
[2014/03/22 10:04:05 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vbar332.dll
[2014/03/22 10:04:05 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msxbse35.dll
[2014/03/22 10:04:05 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msrd2x35.dll
[2014/03/22 10:04:05 | 000,250,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspdox35.dll
[2014/03/22 10:04:05 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mstext35.dll
[2014/03/22 10:04:05 | 000,078,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vb5db.dll
[2014/03/22 10:04:04 | 001,056,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msjet35.dll
[2014/03/22 10:04:04 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msexcl35.dll
[2014/03/22 10:04:04 | 000,166,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus35.dll
[2014/03/22 10:04:04 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint35.dll
[2014/03/22 10:04:04 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter35.dll
[2014/03/22 10:03:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
[2014/03/22 10:02:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
[2014/03/22 08:30:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Impression_eStudio
[2014/03/22 08:26:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XReminder
[2014/03/22 08:26:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Impression eStudio
[2014/03/22 07:30:58 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/03/22 07:30:57 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/03/22 07:30:54 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/03/22 07:30:54 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/03/22 07:30:40 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/03/22 07:30:39 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/03/22 07:29:59 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014/03/22 07:29:58 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014/03/22 07:29:58 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014/03/22 07:29:58 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014/03/22 07:29:57 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/03/22 07:29:57 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014/03/22 07:29:57 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014/03/22 07:28:53 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/03/22 07:28:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2014/03/22 07:26:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\FileZilla
[2014/03/22 07:22:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Efficient Reminder Free
[2014/03/22 07:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/03/22 06:59:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/03/22 06:59:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/03/22 00:59:00 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014/03/22 00:58:59 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014/03/22 00:58:59 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014/03/22 00:58:57 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014/03/21 22:28:39 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/21 22:28:39 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/21 22:28:39 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/21 22:28:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/21 22:28:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/21 22:28:38 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/03/21 22:28:38 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/03/21 22:28:38 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/03/21 22:28:38 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/03/21 22:28:38 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/21 22:28:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/21 22:28:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/21 22:28:38 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/21 22:28:37 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/03/21 22:28:37 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/03/21 22:28:36 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/03/21 22:28:36 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/03/21 22:28:34 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/03/21 22:28:34 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/03/21 22:28:34 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/03/21 22:28:34 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/03/21 22:28:34 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/03/21 22:28:33 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/03/21 22:28:33 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/03/21 22:28:33 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/03/21 21:53:21 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/03/21 21:53:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014/03/21 21:53:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/03/21 21:53:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014/03/21 19:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software
[2014/03/21 19:14:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Jasc Software Inc
[2014/03/21 19:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jasc Software Inc
[2014/03/21 19:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EditPad Pro 6
[2014/03/21 19:04:28 | 000,068,496 | ---- | C] (JGsoft - Just Great Software) -- C:\Windows\UnDeployV.exe
[2014/03/21 19:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JGsoft
[2014/03/21 19:02:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\JGsoft
[2014/03/21 18:56:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ElevatedDiagnostics
[2014/03/21 18:53:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\RealNetworks
[2014/03/21 18:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2014/03/21 18:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014/03/21 18:52:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2014/03/21 18:52:10 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/03/21 18:51:59 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2014/03/21 18:51:59 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2014/03/21 18:51:57 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/03/21 18:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2014/03/21 18:51:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2014/03/21 18:50:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Real
[2014/03/21 18:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2014/03/21 18:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2014/03/21 14:04:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Thunderbird
[2014/03/21 14:02:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2014/03/21 12:15:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\LavasoftStatistics
[2014/03/21 12:15:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\LogMeIn Rescue Calling Card
[2014/03/21 12:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/03/21 12:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/03/21 08:48:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org
[2014/03/21 08:43:32 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1
[2014/03/21 08:42:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRE
[2014/03/21 08:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2014/03/21 07:36:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Laflurla
[2014/03/20 22:28:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SolSuite
[2014/03/20 22:15:24 | 000,000,000 | ---D | C] -- C:\ProgramData\CoffeeCup Shopping Cart Creator Pro
[2014/03/20 22:15:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CoffeeCup Software
[2014/03/20 22:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\CoffeeCup Software
[2014/03/20 22:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2014/03/20 22:02:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2014/03/20 22:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoffeeCup Software
[2014/03/20 21:50:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Copernic
[2014/03/20 21:50:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Copernic
[2014/03/20 21:08:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\EPSON
[2014/03/20 21:07:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/03/20 18:34:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Keychain
[2014/03/20 18:34:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Password Keychain
[2014/03/20 18:19:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Syntrillium
[2014/03/20 17:47:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Mozilla
[2014/03/20 17:35:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Mozilla
[2014/03/20 17:35:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Thunderbird
[2014/03/20 17:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/03/20 17:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/03/20 17:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uninstaller
[2014/03/20 17:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/03/20 16:53:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Programs
[2014/03/20 16:26:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2014/03/20 16:25:55 | 000,000,000 | ---D | C] -- C:\EPSONREG
[2014/03/20 16:25:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson
[2014/03/20 16:25:03 | 000,021,248 | ---- | C] (Padus, Inc.) -- C:\Windows\SysWow64\drivers\pfc.sys
[2014/03/20 16:24:33 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\PCDLIB32.DLL
[2014/03/20 16:21:33 | 000,483,328 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK.dll
[2014/03/20 16:21:33 | 000,045,056 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicPrt.dll
[2014/03/20 16:21:33 | 000,045,056 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicMgr.dll
[2014/03/20 16:13:00 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/03/20 16:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite
[2014/03/20 16:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/03/20 16:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
[2014/03/20 16:09:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2014/03/20 16:09:19 | 000,262,144 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysWow64\esint52.dll
[2014/03/20 16:09:19 | 000,180,224 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysWow64\eswia52.dll
[2014/03/20 13:08:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Unused Desktop Shortcuts
[2014/03/20 13:07:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\PCHF
[2014/03/20 13:07:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\OpenOffice.org 3.4.1 (en-US) Installation Files
[2014/03/20 13:07:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Image Software
[2014/03/20 13:07:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Adobe Reader 9 Installer
[2014/03/20 13:06:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Adobe InDesign CS5
[2014/03/20 13:06:18 | 015,492,608 | ---- | C] (Luis Cobian, CobianSoft) -- C:\Users\Owner\Desktop\cbSetup.exe
[2014/03/20 13:06:16 | 022,197,993 | ---- | C] (Zero G Software, Inc.) -- C:\Users\Owner\Desktop\ABFull.exe
[2014/03/20 13:06:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\CoffeeCup Software
[2014/03/20 13:03:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\{95EA60FC-B631-470C-98A7-B6EC973B6AA8}
[2014/03/20 13:03:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\ZENCART
[2014/03/20 13:03:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\ws_ftp
[2014/03/20 13:03:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Work At Home
[2014/03/20 13:03:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\WordPress
[2014/03/20 13:03:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\wmn
[2014/03/20 13:03:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Wind Storm 8-25-13
[2014/03/20 13:03:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Weedeater 1700
[2014/03/20 13:03:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\washer dryer
[2014/03/20 13:03:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Wallpaper
[2014/03/20 13:03:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\vivarium Tutorial
[2014/03/20 13:03:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\VA Medical History
[2014/03/20 13:03:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Upholstery Supplies
[2014/03/20 13:03:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Updater
[2014/03/20 13:03:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Twitter
[2014/03/20 13:03:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Turbo Lister Backup
[2014/03/20 13:03:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Turbo Lister
[2014/03/20 13:03:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Truck Rack
[2014/03/20 13:03:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Trinco
[2014/03/20 13:02:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\TRANSFER
[2014/03/20 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\TradeSmartU
[2014/03/20 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Tournament
[2014/03/20 13:01:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Tortoise Habitat
[2014/03/20 13:01:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\TEMPO
[2014/03/20 13:01:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Templates - Photoshop
[2014/03/20 13:00:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\TEMP
[2014/03/20 13:00:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Sue's
[2014/03/20 13:00:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Studebaker Shop Manual 2
[2014/03/20 12:59:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Studebaker Shop Manual 1
[2014/03/20 12:59:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Storage Shed Plans
[2014/03/20 12:58:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Stonehedge
[2014/03/20 12:50:22 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/03/20 12:50:22 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/03/20 12:50:20 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/03/20 12:50:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2014/03/20 12:50:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2014/03/20 12:50:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2014/03/20 12:49:45 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2014/03/20 12:49:45 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2014/03/20 12:49:45 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2014/03/20 12:49:44 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2014/03/20 12:49:44 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2014/03/20 12:49:44 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2014/03/20 12:49:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014/03/20 12:49:37 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/03/20 12:49:37 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/03/20 12:49:30 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/03/20 12:49:08 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/20 12:49:07 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/20 12:48:51 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2014/03/20 12:48:28 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/03/20 12:48:27 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/03/20 12:48:24 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2014/03/20 12:48:24 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2014/03/20 12:48:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2014/03/20 12:48:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2014/03/20 12:48:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2014/03/20 12:48:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2014/03/20 12:48:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2014/03/20 12:48:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2014/03/20 12:48:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2014/03/20 12:48:12 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/03/20 12:48:03 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/03/20 12:48:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/03/20 12:48:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/03/20 12:47:32 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014/03/20 12:47:32 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014/03/20 12:47:27 | 000,000,000 | --SD | C] -- C:\Users\Owner\Documents\Sticky Passwords
[2014/03/20 12:47:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\stockdata
[2014/03/20 12:47:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Stencils
[2014/03/20 12:47:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Stencil Machine
[2014/03/20 12:47:23 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/03/20 12:47:22 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/03/20 12:47:21 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014/03/20 12:47:21 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/03/20 12:47:21 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/03/20 12:47:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/03/20 12:47:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Springdale stuff
[2014/03/20 12:47:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Spider Web
[2014/03/20 12:44:41 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/03/20 12:44:40 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/03/20 12:44:40 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/03/20 12:44:40 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/03/20 12:44:40 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/03/20 12:44:39 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/03/20 12:44:39 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/03/20 12:44:39 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/03/20 12:44:39 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/03/20 12:44:38 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/03/20 12:44:38 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/03/20 12:44:38 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/03/20 12:44:38 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/03/20 12:44:37 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/03/20 12:44:37 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/03/20 12:44:37 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/03/20 12:44:37 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/03/20 12:43:13 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014/03/20 12:43:12 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014/03/20 12:43:10 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/03/20 12:43:09 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/03/20 12:43:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\Corporate Minutes
[2014/03/20 12:43:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/03/20 12:43:00 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2014/03/20 12:42:40 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/03/20 12:42:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\Rusting
[2014/03/20 12:42:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\New Folder
[2014/03/20 12:42:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\Images
[2014/03/20 12:42:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\12 Volt Resource
[2014/03/20 12:42:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\B&B Spreadsheet '02
[2014/03/20 12:41:57 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2014/03/20 12:41:57 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2014/03/20 12:41:56 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2014/03/20 12:41:56 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2014/03/20 12:41:56 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2014/03/20 12:41:56 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2014/03/20 12:41:55 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2014/03/20 12:41:55 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2014/03/20 12:41:55 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2014/03/20 12:41:55 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2014/03/20 12:41:55 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2014/03/20 12:41:54 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2014/03/20 12:41:54 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2014/03/20 12:41:48 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2014/03/20 12:41:42 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2014/03/20 12:41:42 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2014/03/20 12:41:09 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/03/20 12:41:08 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014/03/20 12:40:53 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/03/20 12:40:53 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/03/20 12:40:52 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014/03/20 12:40:52 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014/03/20 12:40:52 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014/03/20 12:40:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/03/20 12:40:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/03/20 12:40:40 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2014/03/20 12:40:39 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2014/03/20 12:40:13 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/03/20 12:40:13 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/03/20 12:40:01 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014/03/20 12:39:54 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/03/20 12:39:54 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/03/20 12:39:51 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/03/20 12:39:51 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/03/20 12:39:51 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014/03/20 12:39:51 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014/03/20 12:39:51 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/03/20 12:39:51 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014/03/20 12:39:51 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/03/20 12:39:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014/03/20 12:39:49 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2014/03/20 12:39:49 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2014/03/20 12:39:48 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2014/03/20 12:39:48 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2014/03/20 12:39:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Spanish
[2014/03/20 12:39:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\SONY BLU-RAY
[2014/03/20 12:39:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Skinners Pond
[2014/03/20 12:39:44 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/03/20 12:39:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Sitemaps
[2014/03/20 12:39:43 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/03/20 12:39:43 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/03/20 12:39:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/03/20 12:39:43 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/03/20 12:39:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Sitemap
[2014/03/20 12:39:35 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/03/20 12:39:33 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/03/20 12:39:33 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/03/20 12:39:32 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014/03/20 12:39:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014/03/20 12:39:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Silhouettes
[2014/03/20 12:39:30 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/03/20 12:39:29 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/03/20 12:39:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2014/03/20 12:39:19 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/03/20 12:39:19 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/03/20 12:39:19 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014/03/20 12:39:19 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014/03/20 12:39:18 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014/03/20 12:39:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014/03/20 12:39:18 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014/03/20 12:39:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014/03/20 12:39:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014/03/20 12:39:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014/03/20 12:39:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014/03/20 12:39:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014/03/20 12:39:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014/03/20 12:39:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014/03/20 12:39:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014/03/20 12:39:09 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014/03/20 12:39:07 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/03/20 12:39:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2014/03/20 12:39:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2014/03/20 12:39:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014/03/20 12:39:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014/03/20 12:39:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014/03/20 12:39:00 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014/03/20 12:38:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014/03/20 12:38:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014/03/20 12:38:46 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2014/03/20 12:38:42 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/03/20 12:38:42 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/03/20 12:38:18 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/03/20 12:37:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Shopping Carts
[2014/03/20 12:37:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\SHOP MANUALS
[2014/03/20 12:37:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\SEO
[2014/03/20 12:37:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\sem-ebooks
[2014/03/20 12:37:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\scramble
[2014/03/20 12:37:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Rochester Linkage
[2014/03/20 12:37:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Rochester Carb
[2014/03/20 12:37:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/03/20 12:37:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2014/03/20 12:37:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2014/03/20 12:37:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\River 2014
[2014/03/20 12:37:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\RESUMES'
[2014/03/20 12:37:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\resource_v2
[2014/03/20 12:37:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\resource_backup
[2014/03/20 12:37:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Quincy Compressor
[2014/03/20 12:37:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Property View
[2014/03/20 12:37:30 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/03/20 12:37:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Press Release
[2014/03/20 12:37:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\prescreen_sr001
[2014/03/20 12:37:26 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014/03/20 12:37:26 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014/03/20 12:37:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Plastic molding
[2014/03/20 12:37:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Plastic Handles
[2014/03/20 12:36:50 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/03/20 12:36:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Plastic Casting
[2014/03/20 12:36:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Plant and Tree Rooting
[2014/03/20 12:36:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Pinterest Tutorials
[2014/03/20 12:36:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/03/20 12:36:28 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014/03/20 12:36:28 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014/03/20 12:36:28 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014/03/20 12:36:28 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014/03/20 12:36:28 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014/03/20 12:36:28 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014/03/20 12:36:28 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014/03/20 12:36:28 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014/03/20 12:36:28 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014/03/20 12:36:28 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014/03/20 12:36:28 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014/03/20 12:36:28 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014/03/20 12:36:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014/03/20 12:36:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014/03/20 12:36:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014/03/20 12:36:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014/03/20 12:36:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014/03/20 12:36:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014/03/20 12:36:28 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014/03/20 12:36:28 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014/03/20 12:36:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Pictures
[2014/03/20 12:36:27 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014/03/20 12:36:27 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014/03/20 12:36:27 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/03/20 12:36:26 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014/03/20 12:36:26 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014/03/20 12:36:26 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014/03/20 12:36:26 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014/03/20 12:36:26 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014/03/20 12:36:26 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014/03/20 12:36:26 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014/03/20 12:36:26 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014/03/20 12:36:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PHPRunnerProjects
[2014/03/20 12:36:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PHPRunnerLayouts
[2014/03/20 12:36:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PHP
[2014/03/20 12:36:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PFAFF 1245
[2014/03/20 12:36:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PATENT FORMS
[2014/03/20 12:36:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Pasture For Sale
[2014/03/20 12:36:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Pasture 2nd cut
[2014/03/20 12:36:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Paint Shop Pro 8
[2014/03/20 12:36:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\OTL
[2014/03/20 12:36:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Orange Crush
[2014/03/20 12:36:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\OpenOffice.org 3.3 (en-US) Installation Files
[2014/03/20 12:36:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\OneNote Notebooks
[2014/03/20 12:36:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\ONAN
[2014/03/20 12:35:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\New Folder
[2014/03/20 12:35:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Webs
[2014/03/20 12:35:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My PSP8 Files
[2014/03/20 12:35:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My PSP Files
[2014/03/20 12:35:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My PDFill
[2014/03/20 12:35:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Kindle Content
[2014/03/20 12:35:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Albums
[2014/03/20 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\MJ
[2014/03/20 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\misc
[2014/03/20 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Medical Records
[2014/03/20 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Marvel Carb
[2014/03/20 12:35:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\MARKETING YOUR PRODUCT
[2014/03/20 12:35:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Make Magazine
[2014/03/20 12:35:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\LYRICS
[2014/03/20 12:35:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Love Seat
[2014/03/20 12:35:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\liteCam
[2014/03/20 12:35:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\LimeSurvey
[2014/03/20 12:35:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Landscaping Projects
[2014/03/20 12:35:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Lake Reflections
[2014/03/20 12:34:37 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2014/03/20 12:34:36 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2014/03/20 12:34:36 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2014/03/20 12:34:35 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2014/03/20 12:34:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\httpstomper999comday-1
[2014/03/20 12:34:19 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014/03/20 12:34:19 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014/03/20 12:34:18 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014/03/20 12:34:18 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/03/20 12:34:18 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2014/03/20 12:34:18 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2014/03/20 12:34:18 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2014/03/20 12:33:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\How To's - Instructables
[2014/03/20 12:33:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\House Videos
[2014/03/20 12:33:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\House Construction
[2014/03/20 12:33:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\HOPS
[2014/03/20 12:33:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\here2
[2014/03/20 12:33:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\here
[2014/03/20 12:33:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Handles
[2014/03/20 12:33:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Government Grants
[2014/03/20 12:33:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Golfs
[2014/03/20 12:33:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\GOLFING
[2014/03/20 12:33:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Golf Swing Plane
[2014/03/20 12:32:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Golf DISTANCE
[2014/03/20 12:32:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Golf
[2014/03/20 12:32:50 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/03/20 12:32:49 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/03/20 12:32:49 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/03/20 12:32:48 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/03/20 12:32:48 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/03/20 12:32:48 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/03/20 12:32:48 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/03/20 12:32:47 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/03/20 12:32:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/03/20 12:32:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/03/20 12:32:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/03/20 12:32:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/03/20 12:32:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/03/20 12:32:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\GOLD
[2014/03/20 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\GIMP
[2014/03/20 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Geico
[2014/03/20 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\gegl-0.0
[2014/03/20 12:32:31 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/03/20 12:32:25 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/03/20 12:32:23 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014/03/20 12:32:23 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014/03/20 12:31:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014/03/20 12:31:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014/03/20 12:31:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/03/20 12:31:23 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/03/20 12:31:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/03/20 12:31:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Game of Thrones
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Gambrel Roof
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FrostWire
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FROGS
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Freemake
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FreeButtons Projects
[2014/03/20 12:31:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FotoMorph Data
[2014/03/20 12:31:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FotoMix Data
[2014/03/20 12:31:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Form
[2014/03/20 12:30:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FOOD TOOLZ
[2014/03/20 12:30:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Fonts
[2014/03/20 12:30:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\flpalbm_opf_files
[2014/03/20 12:30:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FIZZ
[2014/03/20 12:30:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Fitness Guides
[2014/03/20 12:30:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Fire Belly Frogs
[2014/03/20 12:30:16 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014/03/20 12:30:13 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/03/20 12:30:13 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014/03/20 12:30:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FileZilla
[2014/03/20 12:30:09 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/03/20 12:30:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Expression
[2014/03/20 12:30:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Excercise - Stretch & Balance
[2014/03/20 12:30:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Employment
[2014/03/20 12:29:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014/03/20 12:29:56 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014/03/20 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\EMAIL IMAGES
[2014/03/20 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\EfficientPIM AutoBackup
[2014/03/20 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Ecwid Widgets
[2014/03/20 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\E-Commerce
[2014/03/20 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Ebay STuff
[2014/03/20 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\EBAY Stationary
[2014/03/20 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\DUMP
[2014/03/20 12:29:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Drain Field
[2014/03/20 12:29:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Downloads DELL
[2014/03/20 12:29:26 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014/03/20 12:29:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2014/03/20 12:20:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Downloads
[2014/03/20 12:20:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Dombroski Pics
[2014/03/20 12:20:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Devilibis  Compressor
[2014/03/20 12:20:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\dailyeod
[2014/03/20 12:20:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Contact
[2014/03/20 12:20:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Composting
[2014/03/20 12:12:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\CoffeeCup Software
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Coffee cup gifts
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Chrome
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Chili Recipes
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Caveman
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Casselman
[2014/03/20 12:12:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Carbs
[2014/03/20 12:12:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Camtasia Studio
[2014/03/20 12:12:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\California Fonts
[2014/03/20 12:12:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Caddy Card
[2014/03/20 12:12:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Buttons
[2014/03/20 12:12:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Business Loan
[2014/03/20 12:11:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\BOULDER WORDS
[2014/03/20 12:11:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Book_opf_files
[2014/03/20 12:11:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\BOOKS
[2014/03/20 12:11:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\BLUE RAZOR
[2014/03/20 12:11:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Blacksmith
[2014/03/20 12:11:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\B & B STORE
[2014/03/20 12:11:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Azureus Downloads
[2014/03/20 12:11:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Australian Redclaw Crayfish
[2014/03/20 12:11:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AquaPonics
[2014/03/20 12:11:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Aqua Clean Manual
[2014/03/20 12:11:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Altova
[2014/03/20 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Albums
[2014/03/20 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AeroFlo
[2014/03/20 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AdobeStockPhotos
[2014/03/20 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Add-in Express
[2014/03/20 12:10:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AcesBook_opf_files
[2014/03/20 12:10:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Aces Pics
[2014/03/20 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\ABS
[2014/03/20 12:10:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AA New Form
[2014/03/20 12:10:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AA Config
[2014/03/20 12:10:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\4-3 wire
[2014/03/20 12:10:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\1001
[2014/03/20 12:10:47 | 109,212,672 | ---- | C] (VMware, Inc.) -- C:\Users\Owner\Documents\VMware-player-3.1.4-385536.exe
[2014/03/20 12:08:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\Local
[2014/03/20 12:08:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\dwhelper
[2014/03/20 12:08:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\ChartNexus
[2014/03/20 12:08:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Auctonic
[2014/03/20 12:08:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\.thumbnails
[2014/03/20 12:08:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\.jstock
[2014/03/20 12:08:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\.gimp-2.8
[2014/03/20 12:08:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\.gimp-2.6
[2014/03/20 12:08:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\.frostwire5
[2014/03/20 12:08:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\MotiveWave Extensions
[2014/03/20 12:04:42 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014/03/20 12:04:11 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2014/03/20 12:04:09 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2014/03/20 12:04:06 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014/03/20 12:04:05 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014/03/20 12:04:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014/03/20 12:04:05 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014/03/20 12:01:34 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2014/03/20 12:01:34 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2014/03/20 12:01:33 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/03/20 12:01:33 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/03/20 12:01:33 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/03/20 12:01:33 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014/03/20 12:01:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/03/20 12:01:32 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/03/20 12:01:07 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/03/20 12:01:07 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2014/03/20 12:00:45 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/03/20 12:00:18 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/03/20 12:00:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/03/20 12:00:14 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014/03/20 11:59:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Adobe
[2014/03/20 11:59:50 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/03/20 11:59:50 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/03/20 11:59:49 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/03/20 11:59:49 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/03/20 11:59:45 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2014/03/20 11:59:44 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2014/03/20 11:58:46 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/03/20 11:58:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/03/20 11:39:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/03/06 18:30:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/03/06 18:28:10 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/03/06 18:27:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/03/06 18:26:42 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/03/06 18:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2014/03/06 18:13:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014/03/06 18:13:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/03/06 18:13:54 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/03/06 18:13:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/03/06 18:13:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2014/03/06 18:13:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\TP
[2014/03/06 18:13:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Rescue Calling Card
[2014/03/06 18:13:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Rescue Calling Card
[2014/03/06 18:11:39 | 000,973,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2014/03/06 18:11:38 | 001,095,080 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2014/03/06 18:11:38 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/03/06 18:11:30 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/03/06 18:11:30 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/03/06 18:11:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/03/06 18:11:29 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/03/06 18:11:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/03/06 17:57:48 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/03/06 17:57:48 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/06 17:57:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/03/06 17:57:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/03/06 17:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/03/06 17:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/03/06 17:51:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Google
[2014/03/06 17:43:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AVG2014
[2014/03/06 17:42:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\TuneUp Software
[2014/03/06 17:40:43 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014/03/06 17:40:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2014/03/06 17:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014/03/06 17:33:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/03/06 17:33:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\MFAData
[2014/03/06 17:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/03/06 17:33:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Avg2014
[2014/03/06 17:26:25 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2014/03/06 17:26:25 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2014/03/06 17:20:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/03/06 17:20:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/03/06 17:18:37 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/03/06 17:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/03/06 17:13:45 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/03/06 17:13:45 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/03/06 17:13:45 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/03/06 17:13:40 | 000,000,000 | R--D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/03/06 17:13:40 | 000,000,000 | R--D | C] -- C:\Users\Owner\Searches
[2014/03/06 17:13:40 | 000,000,000 | R--D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/03/06 17:13:39 | 000,000,000 | -H-D | C] -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/03/06 17:13:36 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/03/06 17:13:36 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/03/06 17:13:36 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/03/06 17:13:26 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/03/06 17:13:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/03/06 17:13:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Identities
[2014/03/06 17:13:16 | 000,000,000 | R--D | C] -- C:\Users\Owner\Contacts
[2014/03/06 17:13:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\VirtualStore
[2014/03/06 17:13:02 | 000,000,000 | --SD | C] -- C:\Users\Owner\AppData\Roaming\Microsoft
[2014/03/06 17:13:02 | 000,000,000 | RHSD | C] -- C:\Users\Owner\Documents\My Videos
[2014/03/06 17:13:02 | 000,000,000 | RHSD | C] -- C:\Users\Owner\Documents\My Pictures
[2014/03/06 17:13:02 | 000,000,000 | RHSD | C] -- C:\Users\Owner\Documents\My Music
[2014/03/06 17:13:02 | 000,000,000 | RHSD | C] -- C:\Users\Owner\My Documents
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Videos
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Saved Games
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Pictures
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Music
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Links
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Favorites
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Downloads
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Documents
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\Desktop
[2014/03/06 17:13:02 | 000,000,000 | R--D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\Temporary Internet Files
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Templates
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Start Menu
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\SendTo
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Recent
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\PrintHood
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\NetHood
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Local Settings
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\History
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Cookies
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\Application Data
[2014/03/06 17:13:02 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\Application Data
[2014/03/06 17:13:02 | 000,000,000 | -H-D | C] -- C:\Users\Owner\AppData
[2014/03/06 17:13:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Temp
[2014/03/06 17:13:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Microsoft
[2014/03/06 17:13:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Media Center Programs
[2014/03/06 17:12:48 | 000,000,000 | -HSD | C] -- C:\Recovery
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/05 16:09:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/05 15:45:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/05 15:32:07 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/05 15:32:07 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/05 14:37:52 | 000,630,784 | ---- | M] () -- C:\Users\Owner\Documents\MyReminder.erf
[2014/04/05 14:36:56 | 000,002,305 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/04/05 14:34:05 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Owner.job
[2014/04/05 14:33:44 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/05 14:33:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/05 14:33:32 | 1583,951,872 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/05 14:07:38 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/05 12:40:00 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task cd608569-4bf1-4c34-9d3c-41f17e29b13e.job
[2014/04/05 12:40:00 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 277f104f-cb47-45fc-b79c-739ee2537d65.job
[2014/04/05 12:00:47 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/04/05 11:20:47 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\Gadwin PrintScreen (64-Bit).lnk
[2014/04/05 10:09:26 | 000,002,975 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2014/04/05 09:08:12 | 000,000,013 | ---- | M] () -- C:\Windows\SysWow64\WinSys32.crc
[2014/04/05 09:06:11 | 000,000,889 | ---- | M] () -- C:\Users\Owner\Desktop\CoffeeCup HTML Editor.lnk
[2014/04/05 07:06:59 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Owner.job
[2014/04/04 22:00:10 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Owner.job
[2014/04/04 12:34:59 | 001,426,178 | ---- | M] () -- C:\Users\Owner\Desktop\adwcleaner.exe
[2014/04/04 10:17:11 | 000,007,624 | ---- | M] () -- C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
[2014/04/03 20:35:32 | 305,718,052 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/04/03 13:54:01 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2014/04/03 09:50:27 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/03 09:50:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/02 14:13:13 | 000,001,829 | ---- | M] () -- C:\Users\Owner\Documents\BOULDER WORDS - Shortcut (2).lnk
[2014/03/31 08:25:34 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/03/30 16:35:33 | 000,727,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/30 16:35:33 | 000,624,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/30 16:35:33 | 000,106,502 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/28 07:20:23 | 005,945,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/27 16:58:00 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Font Viewer.lnk
[2014/03/25 15:47:44 | 000,001,040 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2014/03/25 13:06:48 | 000,398,388 | ---- | M] () -- C:\Users\Owner\Documents\A11temp.EPS
[2014/03/25 11:28:08 | 000,000,295 | ---- | M] () -- C:\Users\Owner\Desktop\Cool Edit.lnk
[2014/03/25 11:21:15 | 000,001,883 | ---- | M] () -- C:\Users\Owner\Desktop\BOULDER WORDS.lnk
[2014/03/23 08:51:32 | 000,000,840 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Efficient Reminder Free.lnk
[2014/03/22 14:57:14 | 000,001,411 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/22 14:55:40 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\WinPCSIGN Pro 2010.lnk
[2014/03/22 10:50:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/03/22 10:50:48 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/03/22 10:50:48 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/03/22 10:50:48 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/03/22 10:50:46 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/03/22 10:50:46 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/03/22 10:50:46 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/03/22 10:50:46 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/03/22 10:50:45 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/03/22 10:50:45 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/03/22 10:50:45 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/03/22 10:50:45 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/22 10:50:44 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/03/22 10:50:44 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/03/22 10:50:44 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/03/22 10:50:44 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/03/22 10:50:43 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/03/22 10:50:42 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/03/22 10:50:42 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/03/22 10:50:41 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/22 10:50:41 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/03/22 10:50:41 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/03/22 10:50:41 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/03/22 10:50:41 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/03/22 10:50:40 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/03/22 10:50:40 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/03/22 10:50:40 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/03/22 10:50:40 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/03/22 10:50:39 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/03/22 10:50:39 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/03/22 10:50:38 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/03/22 10:50:38 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/03/22 10:50:38 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/03/22 10:50:37 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/03/22 10:50:37 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/03/22 10:50:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/03/22 10:50:37 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/03/22 10:50:36 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/03/22 10:50:36 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/03/22 10:50:36 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/03/22 10:50:35 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/03/22 10:50:35 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/03/22 10:50:34 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/03/22 10:50:34 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/03/22 10:50:34 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/22 10:50:33 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/03/22 10:50:33 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/03/22 10:50:33 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/03/22 10:50:32 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/03/22 10:50:32 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/03/22 10:50:31 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/03/22 10:50:31 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/03/22 10:50:31 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/03/22 10:50:30 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/22 10:50:30 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/03/22 10:50:30 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/03/22 10:50:30 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/03/22 10:17:48 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2014/03/22 10:05:13 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 7.0.lnk
[2014/03/22 10:04:32 | 000,001,214 | ---- | M] () -- C:\Users\Public\Desktop\PERF3490P_3590P User's Guide.lnk
[2014/03/22 08:32:02 | 000,001,731 | ---- | M] () -- C:\Users\Owner\Desktop\XReminder - Shortcut.lnk
[2014/03/22 07:32:29 | 000,001,401 | ---- | M] () -- C:\Users\Owner\Desktop\Paint Shop Pro -.lnk
[2014/03/22 07:25:38 | 000,001,309 | ---- | M] () -- C:\Users\Owner\Desktop\EfficientReminderFree - Shortcut.lnk
[2014/03/21 22:28:39 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/21 22:28:39 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/21 22:28:39 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/21 22:28:39 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/21 22:28:39 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/21 22:28:38 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/03/21 22:28:38 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/03/21 22:28:38 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/03/21 22:28:38 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/03/21 22:28:38 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/21 22:28:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/21 22:28:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/21 22:28:38 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/21 22:28:37 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/03/21 22:28:37 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/03/21 22:28:36 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/03/21 22:28:36 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/03/21 22:28:34 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/03/21 22:28:34 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/03/21 22:28:34 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/03/21 22:28:34 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/03/21 22:28:34 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/03/21 22:28:33 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/03/21 22:28:33 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/03/21 22:28:33 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/03/21 19:04:29 | 000,001,432 | ---- | M] () -- C:\Users\Public\Desktop\EditPad Pro.lnk
[2014/03/21 18:52:51 | 000,001,268 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/03/21 18:52:10 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/03/21 18:51:59 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2014/03/21 18:51:59 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2014/03/21 18:51:57 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/03/21 14:21:06 | 000,002,114 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/03/21 14:02:18 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/03/21 11:56:05 | 000,051,988 | ---- | M] () -- C:\Users\Owner\Documents\KEYCHAIN.odt
[2014/03/21 09:11:35 | 000,000,513 | ---- | M] () -- C:\Users\Owner\Desktop\My Documents.lnk
[2014/03/21 08:43:35 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2014/03/20 22:19:08 | 000,001,314 | ---- | M] () -- C:\Users\Public\Desktop\Shopping Cart Designer Pro.lnk
[2014/03/20 22:17:14 | 000,001,298 | ---- | M] () -- C:\Users\Public\Desktop\Shopping Cart Designer.lnk
[2014/03/20 22:15:16 | 000,038,912 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\SharedSettings.ccs
[2014/03/20 22:15:02 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\Shopping Cart Creator Pro.lnk
[2014/03/20 22:08:50 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Shopping Cart Creator.lnk
[2014/03/20 21:52:05 | 000,000,687 | ---- | M] () -- C:\Users\Owner\Desktop\Copernic.lnk
[2014/03/20 18:34:43 | 000,001,012 | ---- | M] () -- C:\Users\Owner\Desktop\Password Keychain.lnk
[2014/03/20 18:23:55 | 000,000,622 | ---- | M] () -- C:\Users\Owner\Desktop\CdTree 3.lnk
[2014/03/20 18:19:25 | 000,000,727 | ---- | M] () -- C:\Users\Owner\Desktop\Sitemapper.lnk
[2014/03/20 18:15:19 | 000,000,837 | ---- | M] () -- C:\Users\Owner\Desktop\HTML Editor.lnk
[2014/03/20 18:04:07 | 000,008,284 | ---- | M] () -- C:\Windows\SysWow64\eps_icon.avi
[2014/03/20 17:53:55 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/20 17:46:50 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/20 13:19:25 | 000,009,721 | ---- | M] () -- C:\Users\Owner\Desktop\Registration_Login.eml
[2014/03/17 12:15:46 | 000,085,386 | ---- | M] () -- C:\Users\Owner\Documents\VA Bergman Payment History.pdf
[2014/03/15 08:58:20 | 000,050,688 | ---- | M] () -- C:\Users\Owner\Documents\THANK YOU.pub
[2014/03/07 17:09:33 | 000,002,283 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/07 17:08:22 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2014/03/06 18:31:14 | 000,115,640 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/03/06 18:31:14 | 000,115,640 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/03/06 18:29:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/03/06 18:14:23 | 000,730,638 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/06 18:13:07 | 000,002,409 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Rescue Calling Card.lnk
[2014/03/06 18:11:19 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/03/06 18:11:18 | 001,095,080 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2014/03/06 18:11:18 | 000,973,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2014/03/06 18:11:18 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/03/06 18:11:18 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/03/06 18:11:18 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/03/06 17:20:53 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
 
========== Files Created - No Company Name ==========
 
[2014/04/05 14:07:38 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/05 12:01:47 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 277f104f-cb47-45fc-b79c-739ee2537d65.job
[2014/04/05 12:01:44 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task cd608569-4bf1-4c34-9d3c-41f17e29b13e.job
[2014/04/05 12:00:47 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/04/05 11:20:47 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\Gadwin PrintScreen (64-Bit).lnk
[2014/04/05 10:09:26 | 000,002,975 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2014/04/05 09:06:18 | 000,000,013 | ---- | C] () -- C:\Windows\SysWow64\WinSys32.crc
[2014/04/05 09:06:11 | 000,000,889 | ---- | C] () -- C:\Users\Owner\Desktop\CoffeeCup HTML Editor.lnk
[2014/04/04 12:34:18 | 001,426,178 | ---- | C] () -- C:\Users\Owner\Desktop\adwcleaner.exe
[2014/04/04 07:36:13 | 000,002,305 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/04/02 21:59:03 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Owner.job
[2014/04/02 21:59:02 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Owner.job
[2014/04/02 21:59:01 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Owner.job
[2014/04/02 14:13:13 | 000,001,829 | ---- | C] () -- C:\Users\Owner\Documents\BOULDER WORDS - Shortcut (2).lnk
[2014/03/27 16:58:00 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\Font Viewer.lnk
[2014/03/25 15:47:44 | 000,001,040 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2014/03/25 11:21:15 | 000,001,883 | ---- | C] () -- C:\Users\Owner\Desktop\BOULDER WORDS.lnk
[2014/03/23 22:20:47 | 000,007,624 | ---- | C] () -- C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
[2014/03/23 08:51:32 | 000,000,840 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Efficient Reminder Free.lnk
[2014/03/22 14:57:14 | 000,001,411 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/22 14:55:40 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\WinPCSIGN Pro 2010.lnk
[2014/03/22 10:50:45 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/22 10:50:34 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/22 10:17:38 | 000,064,000 | ---- | C] () -- C:\Windows\SysNative\esfw52.bin
[2014/03/22 10:05:13 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 7.0.lnk
[2014/03/22 10:05:12 | 000,002,459 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 7.0.lnk
[2014/03/22 08:32:02 | 000,001,731 | ---- | C] () -- C:\Users\Owner\Desktop\XReminder - Shortcut.lnk
[2014/03/22 07:32:29 | 000,001,401 | ---- | C] () -- C:\Users\Owner\Desktop\Paint Shop Pro -.lnk
[2014/03/22 07:25:38 | 000,001,309 | ---- | C] () -- C:\Users\Owner\Desktop\EfficientReminderFree - Shortcut.lnk
[2014/03/21 21:53:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/03/21 19:04:29 | 000,001,432 | ---- | C] () -- C:\Users\Public\Desktop\EditPad Pro.lnk
[2014/03/21 18:52:51 | 000,001,268 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/03/21 14:02:18 | 000,002,114 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/03/21 14:02:18 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2014/03/21 14:02:18 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/03/21 08:55:26 | 000,051,988 | ---- | C] () -- C:\Users\Owner\Documents\KEYCHAIN.odt
[2014/03/21 08:43:35 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2014/03/20 22:19:08 | 000,001,314 | ---- | C] () -- C:\Users\Public\Desktop\Shopping Cart Designer Pro.lnk
[2014/03/20 22:17:14 | 000,001,298 | ---- | C] () -- C:\Users\Public\Desktop\Shopping Cart Designer.lnk
[2014/03/20 22:15:14 | 000,038,912 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\SharedSettings.ccs
[2014/03/20 22:15:02 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\Shopping Cart Creator Pro.lnk
[2014/03/20 22:02:53 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Shopping Cart Creator.lnk
[2014/03/20 21:07:40 | 305,718,052 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/03/20 19:41:41 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2014/03/20 18:34:43 | 000,001,012 | ---- | C] () -- C:\Users\Owner\Desktop\Password Keychain.lnk
[2014/03/20 18:04:07 | 000,008,284 | ---- | C] () -- C:\Windows\SysWow64\eps_icon.avi
[2014/03/20 17:46:50 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/03/20 17:46:50 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/20 16:25:19 | 000,001,214 | ---- | C] () -- C:\Users\Public\Desktop\PERF3490P_3590P User's Guide.lnk
[2014/03/20 16:21:33 | 000,066,532 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2014/03/20 16:21:33 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2014/03/20 16:21:33 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2014/03/20 16:21:33 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2014/03/20 16:21:33 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2014/03/20 16:21:33 | 000,012,669 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg
[2014/03/20 16:21:33 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2014/03/20 16:21:33 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg
[2014/03/20 16:21:33 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg
[2014/03/20 16:21:33 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg
[2014/03/20 16:21:33 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg
[2014/03/20 16:21:33 | 000,006,226 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg
[2014/03/20 16:21:33 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2014/03/20 16:21:33 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2014/03/20 16:21:33 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2014/03/20 16:21:33 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2014/03/20 16:21:33 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2014/03/20 16:21:33 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2014/03/20 16:21:33 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2014/03/20 16:21:33 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2014/03/20 16:09:21 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2014/03/20 16:09:19 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\esfw52.bin
[2014/03/20 13:06:25 | 000,542,208 | ---- | C] () -- C:\Users\Owner\Desktop\PageSpeedTester.exe
[2014/03/20 13:06:25 | 000,083,931 | ---- | C] () -- C:\Users\Owner\Desktop\PCHF.zip
[2014/03/20 13:06:25 | 000,009,721 | ---- | C] () -- C:\Users\Owner\Desktop\Registration_Login.eml
[2014/03/20 13:06:25 | 000,000,654 | ---- | C] () -- C:\Users\Owner\Desktop\RehabValuatorLite.lnk
[2014/03/20 13:06:25 | 000,000,394 | ---- | C] () -- C:\Users\Owner\Desktop\SolSuite.lnk
[2014/03/20 13:06:24 | 000,000,095 | ---- | C] () -- C:\Users\Owner\Desktop\Outlook - toburgie@hotmail.com.URL
[2014/03/20 13:06:23 | 158,067,944 | ---- | C] () -- C:\Users\Owner\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe
[2014/03/20 13:06:20 | 140,467,400 | ---- | C] () -- C:\Users\Owner\Desktop\OOo_3.2.1_Win_x86_install_en-US.exe
[2014/03/20 13:06:19 | 000,000,513 | ---- | C] () -- C:\Users\Owner\Desktop\My Documents.lnk
[2014/03/20 13:06:18 | 000,002,058 | ---- | C] () -- C:\Users\Owner\Desktop\IFS Charting Station.lnk
[2014/03/20 13:06:18 | 000,000,837 | ---- | C] () -- C:\Users\Owner\Desktop\HTML Editor.lnk
[2014/03/20 13:06:18 | 000,000,727 | ---- | C] () -- C:\Users\Owner\Desktop\Sitemapper.lnk
[2014/03/20 13:06:18 | 000,000,687 | ---- | C] () -- C:\Users\Owner\Desktop\Copernic.lnk
[2014/03/20 13:06:18 | 000,000,622 | ---- | C] () -- C:\Users\Owner\Desktop\CdTree 3.lnk
[2014/03/20 13:06:18 | 000,000,295 | ---- | C] () -- C:\Users\Owner\Desktop\Cool Edit.lnk
[2014/03/20 13:06:16 | 000,000,062 | ---- | C] () -- C:\Users\Owner\Desktop\Access cPanel Webmail.URL
[2014/03/20 12:39:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/03/20 12:10:49 | 007,641,637 | ---- | C] () -- C:\Users\Owner\Documents\Wiscon vh4d-parts-manual.pdf
[2014/03/20 12:10:49 | 001,366,810 | ---- | C] () -- C:\Users\Owner\Documents\ZEN-implementation-guide-beta.pdf
[2014/03/20 12:10:49 | 000,023,663 | ---- | C] () -- C:\Users\Owner\Documents\zigzag-blue-ks.jpg
[2014/03/20 12:10:48 | 002,010,883 | ---- | C] () -- C:\Users\Owner\Documents\Who_Is_She-1.pdf
[2014/03/20 12:10:48 | 000,093,391 | ---- | C] () -- C:\Users\Owner\Documents\Washington Sales Tax (Counties).pdf
[2014/03/20 12:10:44 | 006,961,749 | ---- | C] () -- C:\Users\Owner\Documents\Vizio_M550SV.pdf
[2014/03/20 12:10:44 | 006,200,553 | ---- | C] () -- C:\Users\Owner\Documents\Uptime_small.wmv
[2014/03/20 12:10:44 | 003,354,704 | ---- | C] () -- C:\Users\Owner\Documents\Vizio E701i-A3 QSG.pdf
[2014/03/20 12:10:44 | 001,108,085 | ---- | C] () -- C:\Users\Owner\Documents\Ubiquiti_datasheet.pdf
[2014/03/20 12:10:44 | 000,728,996 | ---- | C] () -- C:\Users\Owner\Documents\Under Floor Heating.pdf
[2014/03/20 12:10:44 | 000,097,087 | ---- | C] () -- C:\Users\Owner\Documents\Vacuum tubes.jpg
[2014/03/20 12:10:44 | 000,087,023 | ---- | C] () -- C:\Users\Owner\Documents\Vacuum tubes1.jpg
[2014/03/20 12:10:44 | 000,085,386 | ---- | C] () -- C:\Users\Owner\Documents\VA Bergman Payment History.pdf
[2014/03/20 12:10:44 | 000,029,769 | ---- | C] () -- C:\Users\Owner\Documents\US Bank Statement.pdf
[2014/03/20 12:10:44 | 000,028,324 | ---- | C] () -- C:\Users\Owner\Documents\US Bank Statement2.pdf
[2014/03/20 12:10:43 | 007,220,285 | ---- | C] () -- C:\Users\Owner\Documents\TrimBrite.pdf
[2014/03/20 12:10:43 | 002,992,663 | ---- | C] () -- C:\Users\Owner\Documents\ToplessAussies.pdf
[2014/03/20 12:10:43 | 000,721,359 | ---- | C] () -- C:\Users\Owner\Documents\TwitterEffectively09.pdf
[2014/03/20 12:10:34 | 335,308,192 | ---- | C] () -- C:\Users\Owner\Documents\Thunderbird 3.0 (en-US) - 2010-01-23.pcv
[2014/03/20 12:10:33 | 008,292,805 | ---- | C] () -- C:\Users\Owner\Documents\SpokaneCountyMap2012.pdf
[2014/03/20 12:10:33 | 001,994,687 | ---- | C] () -- C:\Users\Owner\Documents\TheNextGoldRush1.0.pdf
[2014/03/20 12:10:33 | 000,943,307 | ---- | C] () -- C:\Users\Owner\Documents\Siouxland(CMYK).pdf
[2014/03/20 12:10:33 | 000,929,818 | ---- | C] () -- C:\Users\Owner\Documents\SpokaneCommunityCare.pdf
[2014/03/20 12:10:33 | 000,515,760 | ---- | C] () -- C:\Users\Owner\Documents\Snowblower_prices.pdf
[2014/03/20 12:10:33 | 000,267,920 | ---- | C] () -- C:\Users\Owner\Documents\swivel electrical connector.pdf
[2014/03/20 12:10:33 | 000,262,612 | ---- | C] () -- C:\Users\Owner\Documents\SpokaneCounty2012ExemptionForm.pdf
[2014/03/20 12:10:33 | 000,208,519 | ---- | C] () -- C:\Users\Owner\Documents\Sundance.jpg
[2014/03/20 12:10:33 | 000,200,998 | ---- | C] () -- C:\Users\Owner\Documents\Sundance1.jpg
[2014/03/20 12:10:33 | 000,162,639 | ---- | C] () -- C:\Users\Owner\Documents\Simple_template.pdf
[2014/03/20 12:10:33 | 000,113,664 | ---- | C] () -- C:\Users\Owner\Documents\ThanksEmail.pub
[2014/03/20 12:10:33 | 000,064,435 | ---- | C] () -- C:\Users\Owner\Documents\Spokane Golf and Travel Show 2014_1.pdf
[2014/03/20 12:10:33 | 000,050,688 | ---- | C] () -- C:\Users\Owner\Documents\THANK YOU.pub
[2014/03/20 12:10:33 | 000,001,054 | ---- | C] () -- C:\Users\Owner\Documents\TheFind_Feed_Header.csv
[2014/03/20 12:10:32 | 006,128,636 | ---- | C] () -- C:\Users\Owner\Documents\Shorting Stock TSU virtual trade.flv
[2014/03/20 12:10:32 | 005,499,999 | ---- | C] () -- C:\Users\Owner\Documents\Signage.pdf
[2014/03/20 12:10:32 | 003,606,479 | ---- | C] () -- C:\Users\Owner\Documents\silhouettes005.jpg
[2014/03/20 12:10:30 | 038,209,776 | ---- | C] () -- C:\Users\Owner\Documents\Shorting Stock TSU virtual trade.avi
[2014/03/20 12:10:30 | 012,896,505 | ---- | C] () -- C:\Users\Owner\Documents\Shoreline DOE Findings.pdf
[2014/03/20 12:10:29 | 007,030,167 | ---- | C] () -- C:\Users\Owner\Documents\Road Runner
[2014/03/20 12:10:29 | 006,821,472 | ---- | C] () -- C:\Users\Owner\Documents\Search Engine Marketing~tqw~_darksiderg.pdf
[2014/03/20 12:10:29 | 005,034,886 | ---- | C] () -- C:\Users\Owner\Documents\SaltWater.wmv
[2014/03/20 12:10:29 | 001,873,616 | ---- | C] () -- C:\Users\Owner\Documents\Ryobi Miter Saw TS1551_282_eng.pdf
[2014/03/20 12:10:29 | 000,986,589 | ---- | C] () -- C:\Users\Owner\Documents\ScanahandTemplate1.jpg
[2014/03/20 12:10:29 | 000,871,628 | ---- | C] () -- C:\Users\Owner\Documents\retire-on-$10k.pdf
[2014/03/20 12:10:29 | 000,231,364 | ---- | C] () -- C:\Users\Owner\Documents\Rochester Carb005.jpg
[2014/03/20 12:10:29 | 000,164,421 | ---- | C] () -- C:\Users\Owner\Documents\Resume USA Jobs023.jpg
[2014/03/20 12:10:29 | 000,062,431 | ---- | C] () -- C:\Users\Owner\Documents\Reman Numbers.pdf
[2014/03/20 12:10:29 | 000,047,605 | ---- | C] () -- C:\Users\Owner\Documents\Resident_Opinion0001-1.pdf
[2014/03/20 12:10:29 | 000,026,029 | ---- | C] () -- C:\Users\Owner\Documents\rockwell_chandelier_Med.jpg
[2014/03/20 12:10:29 | 000,004,650 | ---- | C] () -- C:\Users\Owner\Documents\setup.css
[2014/03/20 12:10:29 | 000,000,117 | ---- | C] () -- C:\Users\Owner\Documents\serverupdate.dat
[2014/03/20 12:10:28 | 002,666,612 | ---- | C] () -- C:\Users\Owner\Documents\Propane Tubing.pdf
[2014/03/20 12:10:28 | 001,387,833 | ---- | C] () -- C:\Users\Owner\Documents\PP_OrderMgmt_IntegrationGuide.pdf
[2014/03/20 12:10:28 | 001,340,112 | ---- | C] () -- C:\Users\Owner\Documents\POTLIFTER.pdf
[2014/03/20 12:10:28 | 001,000,665 | ---- | C] () -- C:\Users\Owner\Documents\pspbrwse.jbf
[2014/03/20 12:10:28 | 000,953,883 | ---- | C] () -- C:\Users\Owner\Documents\Priority Mail Rates.pdf
[2014/03/20 12:10:28 | 000,781,413 | ---- | C] () -- C:\Users\Owner\Documents\Pond Plans.pdf
[2014/03/20 12:10:28 | 000,552,345 | ---- | C] () -- C:\Users\Owner\Documents\ProtectYourComputer.pdf
[2014/03/20 12:10:28 | 000,407,670 | ---- | C] () -- C:\Users\Owner\Documents\Registration ISUZU.jpg
[2014/03/20 12:10:28 | 000,407,605 | ---- | C] () -- C:\Users\Owner\Documents\Registration ISUZU007.jpg
[2014/03/20 12:10:28 | 000,365,485 | ---- | C] () -- C:\Users\Owner\Documents\PoultryPen.pdf
[2014/03/20 12:10:28 | 000,193,316 | ---- | C] () -- C:\Users\Owner\Documents\prob.jpg
[2014/03/20 12:10:28 | 000,133,227 | ---- | C] () -- C:\Users\Owner\Documents\Plant Guide for QUAKING ASPEN.pdf
[2014/03/20 12:10:28 | 000,034,564 | ---- | C] () -- C:\Users\Owner\Documents\Raspberries and Blackberries.odt
[2014/03/20 12:10:27 | 004,364,945 | ---- | C] () -- C:\Users\Owner\Documents\PayPal WebsitePaymentsStandard_IntegrationGuide.pdf
[2014/03/20 12:10:27 | 001,973,760 | ---- | C] () -- C:\Users\Owner\Documents\Pearlann-Golf.pps
[2014/03/20 12:10:27 | 000,079,655 | ---- | C] () -- C:\Users\Owner\Documents\Pelosi_L2.pdf
[2014/03/20 12:10:27 | 000,047,275 | ---- | C] () -- C:\Users\Owner\Documents\PIPEcharts.pdf
[2014/03/20 12:10:27 | 000,027,323 | ---- | C] () -- C:\Users\Owner\Documents\Pipe-Dimensions-Weights-Chart.pdf
[2014/03/20 12:10:27 | 000,012,887 | ---- | C] () -- C:\Users\Owner\Documents\optionpurchaserealestate.pdf
[2014/03/20 12:10:26 | 013,961,218 | ---- | C] () -- C:\Users\Owner\Documents\Onan Master Service Manual.pdf
[2014/03/20 12:10:26 | 002,451,078 | ---- | C] () -- C:\Users\Owner\Documents\M_MONROE_POSTER.jpg
[2014/03/20 12:10:26 | 002,352,966 | ---- | C] () -- C:\Users\Owner\Documents\OLYMPUS SP-600UZ_Instruction_Manual_EN.pdf
[2014/03/20 12:10:26 | 002,352,966 | ---- | C] () -- C:\Users\Owner\Documents\Olympus SP-600UZ Camera.pdf
[2014/03/20 12:10:26 | 001,120,018 | ---- | C] () -- C:\Users\Owner\Documents\Motor_Vehicle_Collision_Report_empowered1.pdf
[2014/03/20 12:10:26 | 000,630,784 | ---- | C] () -- C:\Users\Owner\Documents\MyReminder.erf
[2014/03/20 12:10:26 | 000,473,814 | ---- | C] () -- C:\Users\Owner\Documents\NCP return equip.jpg
[2014/03/20 12:10:26 | 000,253,266 | ---- | C] () -- C:\Users\Owner\Documents\Mystery shopperapp.pdf
[2014/03/20 12:10:26 | 000,129,525 | ---- | C] () -- C:\Users\Owner\Documents\MUSKRAT CONTROL AND DAMAGE.pdf
[2014/03/20 12:10:26 | 000,040,069 | ---- | C] () -- C:\Users\Owner\Documents\o.jpg
[2014/03/20 12:10:26 | 000,010,365 | ---- | C] () -- C:\Users\Owner\Documents\New Database1.odb
[2014/03/20 12:10:26 | 000,002,646 | ---- | C] () -- C:\Users\Owner\Documents\New Database.odb
[2014/03/20 12:10:26 | 000,002,319 | ---- | C] () -- C:\Users\Owner\Documents\New Database2.odb
[2014/03/20 12:10:25 | 003,190,274 | ---- | C] () -- C:\Users\Owner\Documents\LIEBHERRCARWASH.WMV
[2014/03/20 12:10:25 | 002,679,796 | ---- | C] () -- C:\Users\Owner\Documents\MACSeatingBowl.pdf
[2014/03/20 12:10:25 | 002,112,215 | ---- | C] () -- C:\Users\Owner\Documents\MACSeatingBowl9_2_04.pdf
[2014/03/20 12:10:25 | 001,448,112 | ---- | C] () -- C:\Users\Owner\Documents\Medicare-Asuris.pdf
[2014/03/20 12:10:25 | 001,344,537 | ---- | C] () -- C:\Users\Owner\Documents\Monroe1b.jpg
[2014/03/20 12:10:25 | 001,302,055 | ---- | C] () -- C:\Users\Owner\Documents\Motorola Tracfone Manual.pdf
[2014/03/20 12:10:25 | 001,282,271 | ---- | C] () -- C:\Users\Owner\Documents\low_pass.wmv
[2014/03/20 12:10:25 | 001,268,265 | ---- | C] () -- C:\Users\Owner\Documents\Medicare-Humana.pdf
[2014/03/20 12:10:25 | 001,230,426 | ---- | C] () -- C:\Users\Owner\Documents\Monroe1a.jpg
[2014/03/20 12:10:25 | 001,160,125 | ---- | C] () -- C:\Users\Owner\Documents\marsh_stencil_machine_manual.pdf
[2014/03/20 12:10:25 | 001,120,018 | ---- | C] () -- C:\Users\Owner\Documents\Motor_Vehicle_Collision_Report_empowered.pdf
[2014/03/20 12:10:25 | 001,078,510 | ---- | C] () -- C:\Users\Owner\Documents\Monroe001.jpg
[2014/03/20 12:10:25 | 000,480,911 | ---- | C] () -- C:\Users\Owner\Documents\Monroe1c.jpg
[2014/03/20 12:10:25 | 000,071,360 | ---- | C] () -- C:\Users\Owner\Documents\Liqueurs.odt
[2014/03/20 12:10:25 | 000,021,148 | ---- | C] () -- C:\Users\Owner\Documents\liquid-measures.jpg
[2014/03/20 12:10:25 | 000,021,140 | ---- | C] () -- C:\Users\Owner\Documents\liquid-measures.gif
[2014/03/20 12:10:24 | 011,747,703 | ---- | C] () -- C:\Users\Owner\Documents\InnerGlass.pdf
[2014/03/20 12:10:24 | 004,873,753 | ---- | C] () -- C:\Users\Owner\Documents\Lawyer Nursery Catalog.pdf
[2014/03/20 12:10:24 | 004,728,203 | ---- | C] () -- C:\Users\Owner\Documents\KeeneCatalog.pdf
[2014/03/20 12:10:24 | 004,291,721 | ---- | C] () -- C:\Users\Owner\Documents\LawyerNursery2009_2010Catalog.pdf
[2014/03/20 12:10:24 | 000,650,930 | ---- | C] () -- C:\Users\Owner\Documents\lame3.99.5.zip
[2014/03/20 12:10:24 | 000,220,812 | ---- | C] () -- C:\Users\Owner\Documents\K&N filter cleaning instructions.pdf
[2014/03/20 12:10:24 | 000,158,490 | ---- | C] () -- C:\Users\Owner\Documents\JARPA 2012(2).pdf
[2014/03/20 12:10:24 | 000,146,505 | ---- | C] () -- C:\Users\Owner\Documents\Ionic Breeze.pdf
[2014/03/20 12:10:23 | 005,648,390 | ---- | C] () -- C:\Users\Owner\Documents\HOW_TO_TELL_A_JOKE.wmv
[2014/03/20 12:10:23 | 004,701,531 | ---- | C] () -- C:\Users\Owner\Documents\indiegogo-field-guide-for-campaigners2.original.pdf
[2014/03/20 12:10:23 | 002,582,492 | ---- | C] () -- C:\Users\Owner\Documents\Heat Tape ownersman_web.pdf
[2014/03/20 12:10:23 | 002,064,707 | ---- | C] () -- C:\Users\Owner\Documents\HP Notebook Manual.pdf
[2014/03/20 12:10:23 | 001,393,138 | ---- | C] () -- C:\Users\Owner\Documents\Horizon[1]-1.pdf
[2014/03/20 12:10:23 | 001,393,137 | ---- | C] () -- C:\Users\Owner\Documents\Horizon (2)-1.pdf
[2014/03/20 12:10:23 | 000,351,543 | ---- | C] () -- C:\Users\Owner\Documents\Heat Tape_broch_web.pdf
[2014/03/20 12:10:23 | 000,132,959 | ---- | C] () -- C:\Users\Owner\Documents\HIO Contract.PDF
[2014/03/20 12:10:23 | 000,130,108 | ---- | C] () -- C:\Users\Owner\Documents\InDesign CS5 Read Me.pdf
[2014/03/20 12:10:23 | 000,088,449 | ---- | C] () -- C:\Users\Owner\Documents\img1.jpg
[2014/03/20 12:10:23 | 000,059,145 | ---- | C] () -- C:\Users\Owner\Documents\HF.jpg
[2014/03/20 12:10:23 | 000,056,582 | ---- | C] () -- C:\Users\Owner\Documents\IMG_0148mn1.jpg
[2014/03/20 12:10:23 | 000,035,185 | ---- | C] () -- C:\Users\Owner\Documents\Image1.gif
[2014/03/20 12:10:22 | 005,127,439 | ---- | C] () -- C:\Users\Owner\Documents\GunCONTROL_Shatner.wmv
[2014/03/20 12:10:22 | 002,302,973 | ---- | C] () -- C:\Users\Owner\Documents\Grommet Machine Instructions for printing.pdf
[2014/03/20 12:10:22 | 001,348,224 | ---- | C] () -- C:\Users\Owner\Documents\GroundFloorDeck.pdf
[2014/03/20 12:10:22 | 000,861,876 | ---- | C] () -- C:\Users\Owner\Documents\GOLFUN Magazine.bpf
[2014/03/20 12:10:22 | 000,508,230 | ---- | C] () -- C:\Users\Owner\Documents\Gonzaga1004.jpg
[2014/03/20 12:10:22 | 000,499,712 | ---- | C] () -- C:\Users\Owner\Documents\GOLFUN Magazine.bpd
[2014/03/20 12:10:22 | 000,391,115 | ---- | C] () -- C:\Users\Owner\Documents\Gonzaga003.jpg
[2014/03/20 12:10:22 | 000,291,063 | ---- | C] () -- C:\Users\Owner\Documents\Golf Today NW_Pricing.pdf
[2014/03/20 12:10:22 | 000,059,831 | ---- | C] () -- C:\Users\Owner\Documents\Golf Torny Contract.pdf
[2014/03/20 12:10:22 | 000,031,875 | ---- | C] () -- C:\Users\Owner\Documents\Google Sitemap Generator Instructions.odt
[2014/03/20 12:10:22 | 000,031,821 | ---- | C] () -- C:\Users\Owner\Documents\golfer.jpg
[2014/03/20 12:10:21 | 003,507,784 | ---- | C] () -- C:\Users\Owner\Documents\energy_savers.pdf
[2014/03/20 12:10:21 | 001,956,962 | ---- | C] () -- C:\Users\Owner\Documents\Gerry Bergman VIP-1.pdf
[2014/03/20 12:10:21 | 001,650,772 | ---- | C] () -- C:\Users\Owner\Documents\Ghost Town Building.jpg
[2014/03/20 12:10:21 | 001,488,896 | ---- | C] () -- C:\Users\Owner\Documents\EmpireStateBldg1.pps
[2014/03/20 12:10:21 | 001,176,699 | ---- | C] () -- C:\Users\Owner\Documents\Garage plans.pdf
[2014/03/20 12:10:21 | 000,640,394 | ---- | C] () -- C:\Users\Owner\Documents\Frested.jpg
[2014/03/20 12:10:21 | 000,490,266 | ---- | C] () -- C:\Users\Owner\Documents\Frosty.jpg
[2014/03/20 12:10:21 | 000,452,043 | ---- | C] () -- C:\Users\Owner\Documents\Frost.jpg
[2014/03/20 12:10:21 | 000,434,437 | ---- | C] () -- C:\Users\Owner\Documents\Facebook-tent-cards-self-serve.pdf
[2014/03/20 12:10:21 | 000,326,144 | ---- | C] () -- C:\Users\Owner\Documents\GB Website.tlx
[2014/03/20 12:10:21 | 000,193,640 | ---- | C] () -- C:\Users\Owner\Documents\Golf Show Approved by Fire Marshal_12_13.pdf
[2014/03/20 12:10:21 | 000,136,692 | ---- | C] () -- C:\Users\Owner\Documents\FORM.fb
[2014/03/20 12:10:21 | 000,103,226 | ---- | C] () -- C:\Users\Owner\Documents\FlatBelly.jpg
[2014/03/20 12:10:21 | 000,081,563 | ---- | C] () -- C:\Users\Owner\Documents\Golf Car Shelter.pdf
[2014/03/20 12:10:21 | 000,081,563 | ---- | C] () -- C:\Users\Owner\Documents\Golf Car Cover PVC.pdf
[2014/03/20 12:10:21 | 000,076,630 | ---- | C] () -- C:\Users\Owner\Documents\fan.jpg
[2014/03/20 12:10:21 | 000,069,632 | ---- | C] () -- C:\Users\Owner\Documents\Gift Certificate.pub
[2014/03/20 12:10:21 | 000,049,152 | ---- | C] () -- C:\Users\Owner\Documents\Frog Eye Salad.pub
[2014/03/20 12:10:21 | 000,044,843 | ---- | C] () -- C:\Users\Owner\Documents\fa.jpg
[2014/03/20 12:10:21 | 000,019,833 | ---- | C] () -- C:\Users\Owner\Documents\Golf Scramble.odt
[2014/03/20 12:10:21 | 000,013,572 | ---- | C] () -- C:\Users\Owner\Documents\flpalbm.opf
[2014/03/20 12:10:21 | 000,000,305 | ---- | C] () -- C:\Users\Owner\Documents\fourforfore_encoded.dat
[2014/03/20 12:10:20 | 002,204,564 | ---- | C] () -- C:\Users\Owner\Documents\ElectricCar.pdf
[2014/03/20 12:10:18 | 031,015,688 | ---- | C] () -- C:\Users\Owner\Documents\Edelbrock Catalog.pdf
[2014/03/20 12:10:18 | 000,757,133 | ---- | C] () -- C:\Users\Owner\Documents\download_file_1253446943.pdf
[2014/03/20 12:10:18 | 000,546,670 | ---- | C] () -- C:\Users\Owner\Documents\download_file_1258549332.pdf
[2014/03/20 12:10:18 | 000,322,886 | ---- | C] () -- C:\Users\Owner\Documents\Drill Doctor 750.pdf
[2014/03/20 12:10:18 | 000,141,982 | ---- | C] () -- C:\Users\Owner\Documents\DIM014.pdf
[2014/03/20 12:10:18 | 000,015,325 | ---- | C] () -- C:\Users\Owner\Documents\Drill Press.jpg
[2014/03/20 12:10:17 | 006,515,662 | ---- | C] () -- C:\Users\Owner\Documents\Coolest_Coffee_Table_Ever.wmv
[2014/03/20 12:10:17 | 006,242,378 | ---- | C] () -- C:\Users\Owner\Documents\DEXPAN_Catalog_English.pdf
[2014/03/20 12:10:17 | 002,417,882 | ---- | C] () -- C:\Users\Owner\Documents\DannerReturnForm.pdf
[2014/03/20 12:10:17 | 001,438,825 | ---- | C] () -- C:\Users\Owner\Documents\Continental_L-Head-F-163-etc-Quick_Reference.pdf
[2014/03/20 12:10:17 | 000,936,040 | ---- | C] () -- C:\Users\Owner\Documents\DD-214.jpg
[2014/03/20 12:10:17 | 000,462,500 | ---- | C] () -- C:\Users\Owner\Documents\CuttingTin.pdf
[2014/03/20 12:10:17 | 000,316,416 | ---- | C] () -- C:\Users\Owner\Documents\Corbin Golf Scramble.pub
[2014/03/20 12:10:17 | 000,116,322 | ---- | C] () -- C:\Users\Owner\Documents\Credit.jpg
[2014/03/20 12:10:17 | 000,101,924 | ---- | C] () -- C:\Users\Owner\Documents\Credit2.jpg
[2014/03/20 12:10:17 | 000,092,517 | ---- | C] () -- C:\Users\Owner\Documents\Credit1.jpg
[2014/03/20 12:10:17 | 000,029,493 | ---- | C] () -- C:\Users\Owner\Documents\cumulative-stats.pdf
[2014/03/20 12:10:17 | 000,002,603 | ---- | C] () -- C:\Users\Owner\Documents\CorbinTest.odb
[2014/03/20 12:10:17 | 000,000,026 | ---- | C] () -- C:\Users\Owner\Documents\Default.PLS
[2014/03/20 12:10:16 | 006,221,989 | ---- | C] () -- C:\Users\Owner\Documents\CNNnewscast.wmv
[2014/03/20 12:10:16 | 005,145,600 | ---- | C] () -- C:\Users\Owner\Documents\ChromeCard1.pub
[2014/03/20 12:10:16 | 002,423,598 | ---- | C] () -- C:\Users\Owner\Documents\CompressorHF.pdf
[2014/03/20 12:10:16 | 002,423,598 | ---- | C] () -- C:\Users\Owner\Documents\Compressor 2stage.pdf
[2014/03/20 12:10:16 | 000,152,955 | ---- | C] () -- C:\Users\Owner\Documents\cemetery preregistration.pdf
[2014/03/20 12:10:16 | 000,100,864 | ---- | C] () -- C:\Users\Owner\Documents\ChromeCard+.pub
[2014/03/20 12:10:16 | 000,100,352 | ---- | C] () -- C:\Users\Owner\Documents\ChromeCard.pub
[2014/03/20 12:10:16 | 000,093,764 | ---- | C] () -- C:\Users\Owner\Documents\CirclingRavin DonationRequest.pdf
[2014/03/20 12:10:16 | 000,093,764 | ---- | C] () -- C:\Users\Owner\Documents\Circling RavenDonationRequest.pdf
[2014/03/20 12:10:16 | 000,093,764 | ---- | C] () -- C:\Users\Owner\Documents\Circling Raven DonationRequest(1).pdf
[2014/03/20 12:10:16 | 000,064,844 | ---- | C] () -- C:\Users\Owner\Documents\Chris Malta's EBiz Scam Prevention Report.pdf
[2014/03/20 12:10:16 | 000,061,073 | ---- | C] () -- C:\Users\Owner\Documents\chewelah.jpg
[2014/03/20 12:10:16 | 000,057,344 | ---- | C] () -- C:\Users\Owner\Documents\ChromeCard3.pub
[2014/03/20 12:10:16 | 000,053,760 | ---- | C] () -- C:\Users\Owner\Documents\ChromeBack.pub
[2014/03/20 12:10:15 | 001,641,423 | ---- | C] () -- C:\Users\Owner\Documents\Camping Trailer instructions.pdf
[2014/03/20 12:10:15 | 001,302,055 | ---- | C] () -- C:\Users\Owner\Documents\CELL PHONE MANUAL.pdf
[2014/03/20 12:10:15 | 000,513,055 | ---- | C] () -- C:\Users\Owner\Documents\Catalog Creator _ GettingStarted.pdf
[2014/03/20 12:10:15 | 000,328,444 | ---- | C] () -- C:\Users\Owner\Documents\cc_20121220_123219.reg
[2014/03/20 12:10:15 | 000,243,816 | ---- | C] () -- C:\Users\Owner\Documents\cc_20100708_081746.reg
[2014/03/20 12:10:15 | 000,228,042 | ---- | C] () -- C:\Users\Owner\Documents\cc_20131220_155023.reg
[2014/03/20 12:10:15 | 000,205,843 | ---- | C] () -- C:\Users\Owner\Documents\Cancellation.jpg
[2014/03/20 12:10:15 | 000,023,512 | ---- | C] () -- C:\Users\Owner\Documents\Cancellation Request Form.pdf
[2014/03/20 12:10:14 | 038,062,853 | ---- | C] () -- C:\Users\Owner\Documents\Camera HD Sports User Manual.pdf
[2014/03/20 12:10:14 | 005,468,566 | ---- | C] () -- C:\Users\Owner\Documents\Brains.wmv
[2014/03/20 12:10:14 | 002,154,860 | ---- | C] () -- C:\Users\Owner\Documents\cage1.jpg
[2014/03/20 12:10:14 | 002,101,396 | ---- | C] () -- C:\Users\Owner\Documents\cage.jpg
[2014/03/20 12:10:14 | 000,039,816 | ---- | C] () -- C:\Users\Owner\Documents\Brass.jpg
[2014/03/20 12:10:13 | 005,284,000 | ---- | C] () -- C:\Users\Owner\Documents\Bosch Nexxt 100 Series  Clothes Washer.pdf
[2014/03/20 12:10:13 | 005,195,405 | ---- | C] () -- C:\Users\Owner\Documents\Bosch Clothes Dryer.pdf
[2014/03/20 12:10:13 | 001,584,956 | ---- | C] () -- C:\Users\Owner\Documents\Blank Shirts Price List.ods
[2014/03/20 12:10:13 | 000,087,552 | ---- | C] () -- C:\Users\Owner\Documents\Boom.pub
[2014/03/20 12:10:13 | 000,061,440 | ---- | C] () -- C:\Users\Owner\Documents\Book 3.indb
[2014/03/20 12:10:13 | 000,061,440 | ---- | C] () -- C:\Users\Owner\Documents\Book 2.indb
[2014/03/20 12:10:13 | 000,061,440 | ---- | C] () -- C:\Users\Owner\Documents\Book 1.indb
[2014/03/20 12:10:13 | 000,042,072 | ---- | C] () -- C:\Users\Owner\Documents\Blueberries.pdf
[2014/03/20 12:10:13 | 000,038,003 | ---- | C] () -- C:\Users\Owner\Documents\birds.jpg
[2014/03/20 12:10:13 | 000,003,663 | ---- | C] () -- C:\Users\Owner\Documents\Book.opf
[2014/03/20 12:10:13 | 000,000,767 | ---- | C] () -- C:\Users\Owner\Documents\BnB Map.jmd
[2014/03/20 12:10:12 | 007,494,341 | ---- | C] () -- C:\Users\Owner\Documents\AV-MercedesSLSRoll.wmv
[2014/03/20 12:10:12 | 004,041,471 | ---- | C] () -- C:\Users\Owner\Documents\autolite_gen_and_start.pdf
[2014/03/20 12:10:12 | 000,508,664 | ---- | C] () -- C:\Users\Owner\Documents\Arteriors.pdf
[2014/03/20 12:10:12 | 000,398,388 | ---- | C] () -- C:\Users\Owner\Documents\A11temp.EPS
[2014/03/20 12:10:12 | 000,326,036 | ---- | C] () -- C:\Users\Owner\Documents\BendAug172010.pdf
[2014/03/20 12:10:12 | 000,185,100 | ---- | C] () -- C:\Users\Owner\Documents\ArchGrnHouse.pdf
[2014/03/20 12:10:12 | 000,066,661 | ---- | C] () -- C:\Users\Owner\Documents\b & b junk.pdf
[2014/03/20 12:10:12 | 000,009,371 | ---- | C] () -- C:\Users\Owner\Documents\AcesBook.opf
[2014/03/20 12:10:11 | 069,869,549 | ---- | C] () -- C:\Users\Owner\Documents\A System to Estimate Rehab in 15 Minutes.mp4
[2014/03/20 12:10:10 | 019,900,236 | ---- | C] () -- C:\Users\Owner\Documents\2014-01-20_1003.avi
[2014/03/20 12:10:10 | 007,278,182 | ---- | C] () -- C:\Users\Owner\Documents\1776_Tea_Party.wmv
[2014/03/20 12:10:10 | 004,778,228 | ---- | C] () -- C:\Users\Owner\Documents\2011_far_from_normal_catalog.pdf
[2014/03/20 12:10:10 | 000,997,977 | ---- | C] () -- C:\Users\Owner\Documents\12womens_bracket_blank.pdf
[2014/03/20 12:10:10 | 000,417,372 | ---- | C] () -- C:\Users\Owner\Documents\5-Secrets-Finding-Cheap-Stocks.pdf
[2014/03/20 12:10:10 | 000,391,613 | ---- | C] () -- C:\Users\Owner\Documents\12x16 barnshedplans.pdf
[2014/03/20 12:10:10 | 000,042,104 | ---- | C] () -- C:\Users\Owner\Documents\6.jpg
[2014/03/20 12:10:10 | 000,040,978 | ---- | C] () -- C:\Users\Owner\Documents\3.jpg
[2014/03/20 12:10:10 | 000,033,237 | ---- | C] () -- C:\Users\Owner\Documents\404 Error Custom Page.odt
[2014/03/20 12:10:10 | 000,028,920 | ---- | C] () -- C:\Users\Owner\Documents\5.jpg
[2014/03/20 12:10:10 | 000,028,567 | ---- | C] () -- C:\Users\Owner\Documents\2.jpg
[2014/03/20 12:10:10 | 000,019,773 | ---- | C] () -- C:\Users\Owner\Documents\4.jpg
[2014/03/20 12:10:09 | 000,044,080 | ---- | C] () -- C:\Users\Owner\Documents\1.jpg
[2014/03/20 12:10:09 | 000,001,280 | ---- | C] () -- C:\Users\Owner\Documents\.usr_app_ncr.dat
[2014/03/07 17:08:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/03/06 18:31:03 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/03/06 18:30:59 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/03/06 18:29:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/03/06 18:27:21 | 1583,951,872 | -HS- | C] () -- C:\hiberfil.sys
[2014/03/06 18:14:23 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/06 18:13:07 | 000,002,409 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Rescue Calling Card.lnk
[2014/03/06 17:57:50 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/06 17:53:03 | 000,002,283 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/06 17:53:03 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/06 17:52:32 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/06 17:52:30 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/06 17:42:25 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/03/06 17:20:53 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/03/06 17:20:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/03/06 17:13:52 | 000,001,417 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/03/06 17:13:02 | 000,000,290 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/03/06 17:13:02 | 000,000,272 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
 
========== ZeroAccess Check ==========
 
[2012/12/20 23:50:30 | 000,006,621 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2444541379-1693892906-2716229256-1000\$RDFJFUY\limesurvey\images\screenshots\L.png
[2012/12/20 23:50:30 | 000,003,488 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2444541379-1693892906-2716229256-1000\$RDFJFUY\limesurvey\images\screenshots\N.png
[2012/12/20 23:50:30 | 000,003,714 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2444541379-1693892906-2716229256-1000\$RDFJFUY\limesurvey\images\screenshots\U.png
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/04/05 13:32:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Activeris
[2014/03/06 17:43:30 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2014
[2014/04/05 09:06:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\CoffeeCup Software
[2014/03/20 21:50:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Copernic
[2014/04/05 07:46:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Efficient Reminder Free
[2014/03/20 21:08:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EPSON
[2014/03/22 07:27:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FileZilla
[2014/04/05 11:20:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Gadwin
[2014/03/21 19:05:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\JGsoft
[2014/03/20 16:26:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2014/03/21 08:48:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org
[2014/04/05 14:31:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SoftGrid Client
[2014/03/26 17:15:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SolSuite
[2014/03/20 17:35:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thunderbird
[2014/03/06 18:16:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TP
[2014/03/06 17:42:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 813 bytes -> C:\Users\Owner\Desktop\Registration_Login.eml:OECustomProperty
 
< End of report >
 


#4 fourforfore

fourforfore
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 05 April 2014 - 07:23 PM

Jo,

 

I think I forgot this file.

 

Gerry

 

 

 

 

 

 

OTL Extras logfile created on: 4/5/2014 4:35:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.97 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 61.99% Memory free
3.93 Gb Paging File | 2.62 Gb Available in Paging File | 66.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 148.30 Gb Free Space | 63.70% Space Free | Partition Type: NTFS
Drive E: | 931.50 Gb Total Space | 827.31 Gb Free Space | 88.81% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- C:\Program Files (x86)\JGsoft\EditPadPro6\EditPadPro.exe (Just Great Software)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14C4EBD6-BB54-4928-A3B5-020857C27302}" = lport=137 | protocol=17 | dir=in | app=system | 
"{238F35F7-FCBB-4145-939A-495D3F5BB75E}" = lport=138 | protocol=17 | dir=in | app=system | 
"{37826DEE-3611-40E5-A2C5-5522E2C7247E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{388546F9-823B-47CB-B30C-4DF41C057E5B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{56BA3E7D-046D-437D-98C0-9B724B364ED4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{6B2584D9-19F0-4576-8EBA-B11DD9A0C9BE}" = lport=445 | protocol=6 | dir=in | app=system | 
"{77D57025-AEB0-4B9C-9476-2FB8C4355344}" = rport=138 | protocol=17 | dir=out | app=system | 
"{93FD3807-B141-45D7-8919-2D8811649D8C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{9A89D3B3-4DD3-4119-9487-F19A41DCD0A4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{A30E02F8-6A16-44FF-8B41-7008C7E55C05}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D2CE4D3F-FBA0-4A26-A577-B1CE8E4FDAD8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D98BE248-2F94-4855-9904-F3FA02C85886}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08EC2D00-D4BF-48E7-8523-494EB56E712B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | 
"{0C51DF3B-142D-4312-997F-1BCEFD312F5B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe | 
"{21DB7B12-9BF1-4EA2-9DEC-AD0FD418D0DC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | 
"{39A48BF6-6B64-4296-9796-FB25878ECCCC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4DBD2989-5546-442D-8913-263E44E70CD4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6304003F-A552-4E1A-9789-D6F8EA3C5E33}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6A0D4393-A3C7-4933-A14B-2DE87F8840A4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe | 
"{85ED91C0-53BC-46E7-AB24-F066867E0F28}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | 
"{8A34E0CA-146C-4091-A728-18815A1F3A32}" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\ilivid\ilivid.exe | 
"{91E35EAC-2978-4899-846E-40E0FDA5CECB}" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\ilivid\ilivid.exe | 
"{99AFBD61-E3B4-4B4B-B667-3FDD2B6A92E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{AB8678C0-13F0-47D4-99BD-D2EE160C45DB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{ABAADF06-C48A-4D38-A083-1DA329EB9036}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{ACB50DBD-8596-4703-8B74-DF67B8ADB469}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{B5637027-43BB-4183-BEDA-218B607442D9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B78A0C8D-DB49-49CE-BB65-2DDB42BDDB66}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D498BB28-7997-4E88-815A-4CCC7D0EB036}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe | 
"{DE71D5A1-9704-4B59-B304-3A85B1DC1210}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | 
"{EE6DF129-6F02-41E2-8C54-002BF1BB8449}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe | 
"{F645EFE6-9245-4C01-A299-8F3F22E6F514}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{198C583F-E647-4D7E-9484-70E439818C09}" = AVG 2014
"{26A24AE4-039D-4CA4-87B4-2F86417040FF}" = Java 7 Update 40 (64-bit)
"{5A946012-DDD3-45CA-87E4-125819D33C9F}" = Gadwin PrintScreen (64-Bit)
"{600DEB42-433A-40AF-BC14-082E40577BF2}" = AntimalwareEngine
"{6A16ADA5-0B30-4893-84AB-961B1340D14A}" = AdAwareUpdater
"{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater" = Ad-Aware Antivirus
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{AC7D612A-9805-4BB8-A8CA-4CCFE361B4B7}" = AdAwareInstaller
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DFB2D93E-DEAE-4DF5-8863-CE2AB8F0B6AB}" = AVG 2014
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"2DC0AA065FA83047D7ECD51C7000C1620D79A4C5" = Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"51A4D522DD31538335EF5736F0E7F588C70BCB12" = Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"AVG" = AVG 2014
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{3DFA2791-ACFC-4566-94E8-D325D922F356}" = WinPCSIGN Pro 2010
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{4BC77661-E0BA-4306-A5E3-B33E490310C9}" = WinPCSIGN Pro 2010
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{C2835850-FCEB-4A1A-A213-57E7A9A8EC62}" = LogMeIn Rescue Calling Card
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"CoffeeCup LockBox" = CoffeeCup LockBox
"CoffeeCup Shopping Cart Creator 3.9.4296" = CoffeeCup Shopping Cart Creator
"CoffeeCup Shopping Cart Creator Pro 3.9.4296" = CoffeeCup Shopping Cart Creator Pro
"CoffeeCup Shopping Cart Designer 3.9" = CoffeeCup Shopping Cart Designer
"CoffeeCup Shopping Cart Designer Pro 3.9" = CoffeeCup Shopping Cart Designer Pro
"DMUninstaller" = DMUninstaller
"EditPad Pro 6" = JGsoft EditPad Pro 6 v.6.3.2
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"Font Viewer_is1" = Font Viewer 2.0
"Google Chrome" = Google Chrome
"ilividmoviestoolbar181CR" = Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.)
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"Mozilla Thunderbird 24.4.0 (x86 en-US)" = Mozilla Thunderbird 24.4.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Password Keychain_is1" = Password Keychain 1.0
"RealPlayer 16.0" = RealPlayer
"Silent Package Run-Time Sample" = EPSON Perf 3490 3590 Guide
"XReminder" = XReminder
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"CoffeeCup HTML Editor" = CoffeeCup HTML Editor
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 4/5/2014 12:28:52 AM | Computer Name = Owner-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
 Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" 
could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 4/5/2014 10:08:21 AM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 4/5/2014 10:27:48 AM | Computer Name = Owner-PC | Source = System Restore | ID = 8210
Description = 
 
Error - 4/5/2014 10:28:31 AM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 4/5/2014 10:48:26 AM | Computer Name = Owner-PC | Source = System Restore | ID = 8210
Description = 
 
Error - 4/5/2014 10:49:16 AM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 4/5/2014 12:31:51 PM | Computer Name = Owner-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
 Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" 
could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 4/5/2014 2:05:55 PM | Computer Name = Owner-PC | Source = MsiInstaller | ID = 11935
Description = 
 
Error - 4/5/2014 3:41:21 PM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 4/5/2014 5:35:09 PM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 4/4/2014 4:36:40 PM | Computer Name = Owner-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading
 due to incompatibility with this system. Please contact your software vendor for
 a compatible version of the driver.
 
Error - 4/4/2014 9:58:02 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7031
Description = The Superfetch service terminated unexpectedly.  It has done this 
1 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 4/5/2014 10:06:36 AM | Computer Name = Owner-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading
 due to incompatibility with this system. Please contact your software vendor for
 a compatible version of the driver.
 
Error - 4/5/2014 10:18:50 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7043
Description = The AVGIDSAgent service did not shut down properly after receiving
 a preshutdown control.
 
Error - 4/5/2014 10:26:41 AM | Computer Name = Owner-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading
 due to incompatibility with this system. Please contact your software vendor for
 a compatible version of the driver.
 
Error - 4/5/2014 10:40:05 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7043
Description = The AVGIDSAgent service did not shut down properly after receiving
 a preshutdown control.
 
Error - 4/5/2014 10:47:29 AM | Computer Name = Owner-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading
 due to incompatibility with this system. Please contact your software vendor for
 a compatible version of the driver.
 
Error - 4/5/2014 3:37:46 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 4/5/2014 3:39:33 PM | Computer Name = Owner-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading
 due to incompatibility with this system. Please contact your software vendor for
 a compatible version of the driver.
 
Error - 4/5/2014 5:33:15 PM | Computer Name = Owner-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading
 due to incompatibility with this system. Please contact your software vendor for
 a compatible version of the driver.
 
 
< End of report >


#5 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:11 AM

Posted 06 April 2014 - 07:19 AM

Hello fourforfore,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#6 fourforfore

fourforfore
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 06 April 2014 - 02:37 PM

Jo,

 

The results on the Malsarebytes are:  No Malware Found.

 

And here's the results from AdwCleaner:

 

 

 

# AdwCleaner v3.023 - Report created 06/04/2014 at 12:32:02
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Desktop\adwcleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found C:\Users\Owner\AppData\Local\SearchProtect
Folder Found C:\Users\Owner\AppData\Roaming\Activeris
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\Software\SearchProtect
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\prefs.js ]
 
Line Found : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3324776&octid=EB_ORIGINAL_CTID&ISID=M8BDF673A-71C0-4394-93AC-F0C5AC5C1213&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP9061B45B-180[...]
Line Found : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Found : user_pref("browser.search.selectedEngine", "Conduit Search");
Line Found : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylig[...]
Line Found : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app49074%22%3A%22app49[...]
Line Found : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_geolocation.expiration", "Fri Apr 11 2014 13:21:59 GMT-0700 (Pacific Sta[...]
Line Found : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_geolocation.value", "%22US%22");
Line Found : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_metadata.expiration", "Sun Apr 06 2014 13:34:03 GMT-0700 (Pacific Standa[...]
Line Found : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A49074%2C%22appName%22%3A%22The%20weDo[...]
Line Found : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.description", "Enhance your search results with direct download links and information for apps and[...]
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [7129 octets] - [04/04/2014 12:37:26]
AdwCleaner[R1].txt - [2515 octets] - [04/04/2014 13:08:39]
AdwCleaner[R2].txt - [2635 octets] - [04/04/2014 13:14:53]
AdwCleaner[R3].txt - [2753 octets] - [04/04/2014 13:29:01]
AdwCleaner[R4].txt - [3343 octets] - [06/04/2014 12:23:51]
AdwCleaner[R5].txt - [3081 octets] - [06/04/2014 12:32:02]
AdwCleaner[S0].txt - [6719 octets] - [04/04/2014 12:40:37]
AdwCleaner[S1].txt - [2590 octets] - [04/04/2014 13:09:48]
AdwCleaner[S2].txt - [2710 octets] - [04/04/2014 13:16:24]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [3321 octets] ##########


#7 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:11 AM

Posted 06 April 2014 - 02:41 PM

Hello fourforfore,

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run OTL again.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#8 fourforfore

fourforfore
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 06 April 2014 - 04:00 PM

Hi Jo,

 

I am not getting any popups with Internet Explorer or Google Chrome.

 

However,  I am still getting popups with Firefox.

 

Popup Blockers are enabled on all browsers.

 

Gerry

 

 

 

 

 

# AdwCleaner v3.023 - Report created 06/04/2014 at 12:53:14
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Desktop\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Owner\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Owner\AppData\Roaming\Activeris
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\Software\SearchProtect
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\prefs.js ]
 
Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3324776&octid=EB_ORIGINAL_CTID&ISID=M8BDF673A-71C0-4394-93AC-F0C5AC5C1213&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP9061B45B-180[...]
Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
Line Deleted : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT-0800 (Pacific Daylig[...]
Line Deleted : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app49074%22%3A%22app49[...]
Line Deleted : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_geolocation.expiration", "Fri Apr 11 2014 13:21:59 GMT-0700 (Pacific Sta[...]
Line Deleted : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_geolocation.value", "%22US%22");
Line Deleted : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_metadata.expiration", "Sun Apr 06 2014 13:34:03 GMT-0700 (Pacific Standa[...]
Line Deleted : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A49074%2C%22appName%22%3A%22The%20weDo[...]
Line Deleted : user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.description", "Enhance your search results with direct download links and information for apps and[...]
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [7129 octets] - [04/04/2014 12:37:26]
AdwCleaner[R1].txt - [2515 octets] - [04/04/2014 13:08:39]
AdwCleaner[R2].txt - [2635 octets] - [04/04/2014 13:14:53]
AdwCleaner[R3].txt - [2753 octets] - [04/04/2014 13:29:01]
AdwCleaner[R4].txt - [3343 octets] - [06/04/2014 12:23:51]
AdwCleaner[R5].txt - [3401 octets] - [06/04/2014 12:32:02]
AdwCleaner[R6].txt - [3461 octets] - [06/04/2014 12:51:00]
AdwCleaner[S0].txt - [6719 octets] - [04/04/2014 12:40:37]
AdwCleaner[S1].txt - [2590 octets] - [04/04/2014 13:09:48]
AdwCleaner[S2].txt - [2710 octets] - [04/04/2014 13:16:24]
AdwCleaner[S3].txt - [3412 octets] - [06/04/2014 12:53:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [3472 octets] ##########
 
 
 

 Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2014   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Adobe Flash Player 12.0.0.77  
 Adobe Reader 7  
 Adobe Reader XI  
 Mozilla Firefox (28.0) 
 Mozilla Thunderbird (24.4.0) 
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.1.5354.0\AdAwareTray.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Owner on Sun 04/06/2014 at 13:01:14.72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\74hm9e17.default\minidumps [2 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 04/06/2014 at 13:21:27.47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 

OTL logfile created on: 4/6/2014 1:30:50 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.97 Gb Total Physical Memory | 0.73 Gb Available Physical Memory | 37.14% Memory free
3.93 Gb Paging File | 2.10 Gb Available in Paging File | 53.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 149.58 Gb Free Space | 64.26% Space Free | Partition Type: NTFS
Drive E: | 931.50 Gb Total Space | 719.13 Gb Free Space | 77.20% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Owner\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - E:\Program Files\Efficient Reminder Free\EfficientReminderFree.exe (Efficient Software)
PRC - C:\Program Files (x86)\JGsoft\EditPadPro6\EditPadPro.exe (Just Great Software)
PRC - C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\Password Keychain\Passkeychain.exe (NFX Technologies)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (LavasoftAdAwareService11) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe ()
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (gzflt) -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys (BitDefender LLC)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvolwin7.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaywin7.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirwin7.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfswin7.sys (Microsoft Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (bcm44amd64) -- C:\Windows\SysNative\drivers\b44amd64.sys (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (pfc) -- C:\Windows\SysWOW64\drivers\pfc.sys (Padus, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://foodtoolz.com/"
FF - prefs.js..extensions.enabledAddons: b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a%404bb97481-aead-4c2e-a62b-e25e264651bb.com:0.94.56
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/03/21 18:52:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/29 15:12:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/29 15:12:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/29 15:12:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/29 15:12:03 | 000,000,000 | ---D | M]
 
[2014/03/20 17:35:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2014/04/04 12:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions
[2014/04/05 07:46:35 | 000,000,000 | ---D | M] ("The weDownload Manager") -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com
[2014/04/05 07:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData
[2014/04/05 07:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins
[2014/04/05 07:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\userCode
[2014/03/29 15:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/03/29 15:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/29 15:12:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/05/16 18:00:12 | 000,046,856 | ---- | M] (E-Book Systems.) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOpf.dll
[2014/03/21 18:52:04 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://foodtoolz.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Entanglement Web App = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\3.4.9_0\
CHR - Extension: WOT = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.11_0\
CHR - Extension: WOT = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.13_0\
CHR - Extension: WOT = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.6_0\
CHR - Extension: HootSuite Hootlet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn\4.1.2_0\
CHR - Extension: Webpage Screenshot = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\13.7_0\
CHR - Extension: AT_Hifana = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehkcjloafcfdoghagnjkcjpkgodpbglb\2_0\
CHR - Extension: Yahoo! Toolbar for Chrome = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.41_0\
CHR - Extension: Yahoo! Toolbar for Chrome = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.87_0\
CHR - Extension: avast! Online Security = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2016.82_0\
CHR - Extension: Page Refresh = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmooaemjmediafeacjplpbpenjnpcneg\1.1.6_0\
CHR - Extension: RealDownloader = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: Poppit = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Google Mail Checker = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Google Wallet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: SEO for Chrome = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oangcciaeihlfmhppegpdceadpfaoclj\0.9.5_0\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Password Keychain] C:\Program Files (x86)\Password Keychain\Passkeychain.exe (NFX Technologies)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [XReminder] C:\Program Files (x86)\Impression eStudio\XReminder\XReminder.exe (Impression eStudio)
O4 - HKCU..\Run: [DellSystemDetect] C:\Users\Owner\AppData\Local\Apps\2.0\ROPOJ28D.2B0\7PTXV080.J05\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe (Dell)
O4 - HKCU..\Run: [Lavasoft AdBlock] C:\Program Files (x86)\Lavasoft\Ad-Aware AdBlocker (Alpha)\AdBlocker.exe File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\Run: [XReminder] C:\Program Files (x86)\Impression eStudio\XReminder\XReminder.exe (Impression eStudio)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Efficient Reminder Free.lnk = E:\Program Files\Efficient Reminder Free\EfficientReminderFree.exe (Efficient Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\LavasoftProxy64.dll (Lavasoft Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6325F92E-2FB3-4B25-89FD-BB6A51872803}: DhcpNameServer = 192.168.1.1
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/14 09:48:11 | 000,000,097 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/06 13:01:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/06 12:03:12 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/06 12:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/04/06 12:00:10 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/06 11:59:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\mbar
[2014/04/05 14:29:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\VIRUS
[2014/04/05 14:07:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2014/04/05 14:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/04/05 14:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/05 14:07:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/05 14:07:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/04/05 12:01:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
[2014/04/05 12:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/04/05 12:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/04/05 12:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/04/05 11:20:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Gadwin
[2014/04/05 11:20:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Gadwin
[2014/04/05 11:20:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin
[2014/04/05 11:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Gadwin
[2014/04/05 10:09:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2014/04/05 10:09:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2014/04/04 12:37:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/04 08:02:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Lavasoft
[2014/04/04 07:45:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Lavasoft
[2014/04/04 07:45:38 | 000,450,616 | ---- | C] (Lavasoft Limited) -- C:\Windows\SysNative\LavasoftProxy64.dll
[2014/04/04 07:45:30 | 000,357,432 | ---- | C] (Lavasoft Limited) -- C:\Windows\SysWow64\LavasoftProxy.dll
[2014/04/04 07:45:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2014/04/04 07:36:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/04/04 07:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/04/03 13:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2014/04/03 13:27:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Diagnostics
[2014/04/03 08:55:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Macromedia
[2014/04/03 08:55:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Macromedia
[2014/03/31 12:58:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\EMAIL IMAGES
[2014/03/30 15:41:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PIX
[2014/03/30 14:50:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\vlc
[2014/03/30 10:28:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\E-mail Setups
[2014/03/29 15:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/27 16:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thinking BIG
[2014/03/27 16:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Font Viewer
[2014/03/26 17:13:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Help
[2014/03/26 17:13:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Help
[2014/03/26 17:12:10 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftsrch.dll
[2014/03/26 17:12:10 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftsrch.dll
[2014/03/26 17:12:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx041e.dll
[2014/03/26 17:12:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx041e.dll
[2014/03/26 17:12:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx0411.dll
[2014/03/26 17:12:10 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx0411.dll
[2014/03/26 17:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2014/03/26 16:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2014/03/26 13:19:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AdobeUM
[2014/03/25 15:43:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ilividmoviestoolbar181
[2014/03/25 14:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Analog Devices
[2014/03/25 14:26:17 | 000,386,048 | ---- | C] (Analog Devices, Inc.) -- C:\Windows\SysNative\drivers\ADIHdAud.sys
[2014/03/25 14:26:17 | 000,034,816 | ---- | C] (Analog Devices, Inc.) -- C:\Windows\SysNative\SmaxCo.dll
[2014/03/25 14:26:17 | 000,000,000 | ---D | C] -- C:\dell
[2014/03/25 14:23:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2014/03/25 14:23:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Apps
[2014/03/25 14:23:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Deployment
[2014/03/25 11:42:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Adobe
[2014/03/23 22:37:58 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/03/23 11:37:36 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/03/23 11:37:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/03/23 11:37:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/03/23 11:37:33 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/03/23 11:37:33 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/03/23 11:37:33 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/03/23 11:37:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/03/23 11:37:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/03/23 11:37:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/03/23 11:37:32 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/23 11:37:31 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/03/23 11:37:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/03/23 11:37:30 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/03/23 11:37:30 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/03/23 11:37:29 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/03/23 11:37:29 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/03/23 11:37:29 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/03/23 11:37:29 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/03/23 11:37:28 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/03/23 11:37:28 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/03/23 11:37:27 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/23 11:37:27 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/03/23 11:37:26 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/03/23 11:37:26 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/03/22 18:47:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/03/22 17:11:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\SoftGrid Client
[2014/03/22 17:11:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SoftGrid Client
[2014/03/22 14:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2014/03/22 14:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPCSIGN Pro 2010
[2014/03/22 14:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SignMax
[2014/03/22 14:53:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\InstallShield
[2014/03/22 10:54:30 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/03/22 10:50:52 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/03/22 10:50:48 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/03/22 10:50:48 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/03/22 10:50:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/03/22 10:50:46 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/03/22 10:50:46 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/03/22 10:50:46 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/03/22 10:50:46 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/03/22 10:50:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/03/22 10:50:45 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/03/22 10:50:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/03/22 10:50:44 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/03/22 10:50:44 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/03/22 10:50:44 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/03/22 10:50:43 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/03/22 10:50:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/03/22 10:50:42 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/03/22 10:50:42 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/03/22 10:50:41 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/22 10:50:41 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/03/22 10:50:41 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/03/22 10:50:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/03/22 10:50:41 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/03/22 10:50:40 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/03/22 10:50:40 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/03/22 10:50:40 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/03/22 10:50:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/03/22 10:50:39 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/03/22 10:50:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/03/22 10:50:38 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/03/22 10:50:38 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/03/22 10:50:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/03/22 10:50:37 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/03/22 10:50:37 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/03/22 10:50:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/03/22 10:50:37 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/03/22 10:50:36 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/03/22 10:50:36 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/03/22 10:50:36 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/03/22 10:50:35 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/03/22 10:50:35 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/03/22 10:50:34 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/03/22 10:50:34 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/03/22 10:50:33 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/03/22 10:50:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/03/22 10:50:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/03/22 10:50:32 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/03/22 10:50:32 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/03/22 10:50:31 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/03/22 10:50:31 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/03/22 10:50:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/03/22 10:50:30 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/22 10:50:30 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/03/22 10:50:30 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/03/22 10:50:30 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/03/22 10:17:39 | 000,095,232 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxwia52.dll
[2014/03/22 10:17:39 | 000,004,608 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxwiaml.dll
[2014/03/22 10:17:38 | 000,161,280 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxuin52.dll
[2014/03/22 10:04:05 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msrepl35.dll
[2014/03/22 10:04:05 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vbar332.dll
[2014/03/22 10:04:05 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msxbse35.dll
[2014/03/22 10:04:05 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msrd2x35.dll
[2014/03/22 10:04:05 | 000,250,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspdox35.dll
[2014/03/22 10:04:05 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mstext35.dll
[2014/03/22 10:04:05 | 000,078,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vb5db.dll
[2014/03/22 10:04:04 | 001,056,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msjet35.dll
[2014/03/22 10:04:04 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msexcl35.dll
[2014/03/22 10:04:04 | 000,166,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus35.dll
[2014/03/22 10:04:04 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint35.dll
[2014/03/22 10:04:04 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter35.dll
[2014/03/22 10:03:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
[2014/03/22 10:02:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
[2014/03/22 08:30:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Impression_eStudio
[2014/03/22 08:26:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XReminder
[2014/03/22 08:26:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Impression eStudio
[2014/03/22 07:30:58 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/03/22 07:30:57 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/03/22 07:30:54 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/03/22 07:30:54 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/03/22 07:30:40 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/03/22 07:30:39 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/03/22 07:29:59 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014/03/22 07:29:58 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014/03/22 07:29:58 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014/03/22 07:29:58 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014/03/22 07:29:57 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/03/22 07:29:57 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014/03/22 07:29:57 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014/03/22 07:28:53 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/03/22 07:28:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2014/03/22 07:26:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\FileZilla
[2014/03/22 07:22:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Efficient Reminder Free
[2014/03/22 07:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/03/22 06:59:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/03/22 06:59:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/03/22 00:59:00 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014/03/22 00:58:59 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014/03/22 00:58:59 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014/03/22 00:58:57 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014/03/21 22:28:39 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/21 22:28:39 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/21 22:28:39 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/21 22:28:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/21 22:28:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/21 22:28:38 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/03/21 22:28:38 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/03/21 22:28:38 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/03/21 22:28:38 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/03/21 22:28:38 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/21 22:28:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/21 22:28:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/21 22:28:38 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/21 22:28:37 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/03/21 22:28:37 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/03/21 22:28:36 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/03/21 22:28:36 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/03/21 22:28:34 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/03/21 22:28:34 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/03/21 22:28:34 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/03/21 22:28:34 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/03/21 22:28:34 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/03/21 22:28:33 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/03/21 22:28:33 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/03/21 22:28:33 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/03/21 21:53:21 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/03/21 21:53:20 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014/03/21 21:53:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/03/21 21:53:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014/03/21 19:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software
[2014/03/21 19:14:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Jasc Software Inc
[2014/03/21 19:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jasc Software Inc
[2014/03/21 19:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EditPad Pro 6
[2014/03/21 19:04:28 | 000,068,496 | ---- | C] (JGsoft - Just Great Software) -- C:\Windows\UnDeployV.exe
[2014/03/21 19:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JGsoft
[2014/03/21 19:02:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\JGsoft
[2014/03/21 18:56:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ElevatedDiagnostics
[2014/03/21 18:53:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\RealNetworks
[2014/03/21 18:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2014/03/21 18:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014/03/21 18:52:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2014/03/21 18:52:10 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/03/21 18:51:59 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2014/03/21 18:51:59 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2014/03/21 18:51:57 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/03/21 18:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2014/03/21 18:51:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2014/03/21 18:50:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Real
[2014/03/21 18:40:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2014/03/21 18:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2014/03/21 14:04:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Thunderbird
[2014/03/21 14:02:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2014/03/21 12:15:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\LavasoftStatistics
[2014/03/21 12:15:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\LogMeIn Rescue Calling Card
[2014/03/21 12:08:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/03/21 12:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/03/21 08:48:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org
[2014/03/21 08:43:32 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1
[2014/03/21 08:42:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRE
[2014/03/21 08:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2014/03/21 07:36:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Laflurla
[2014/03/20 22:28:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SolSuite
[2014/03/20 22:15:24 | 000,000,000 | ---D | C] -- C:\ProgramData\CoffeeCup Shopping Cart Creator Pro
[2014/03/20 22:15:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CoffeeCup Software
[2014/03/20 22:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\CoffeeCup Software
[2014/03/20 22:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2014/03/20 22:02:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2014/03/20 22:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoffeeCup Software
[2014/03/20 21:50:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Copernic
[2014/03/20 21:50:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Copernic
[2014/03/20 21:08:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\EPSON
[2014/03/20 21:07:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/03/20 18:34:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Keychain
[2014/03/20 18:34:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Password Keychain
[2014/03/20 18:19:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Syntrillium
[2014/03/20 17:47:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Mozilla
[2014/03/20 17:35:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Mozilla
[2014/03/20 17:35:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Thunderbird
[2014/03/20 17:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/03/20 17:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/03/20 17:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uninstaller
[2014/03/20 17:02:15 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/03/20 16:53:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Programs
[2014/03/20 16:26:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2014/03/20 16:25:55 | 000,000,000 | ---D | C] -- C:\EPSONREG
[2014/03/20 16:25:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson
[2014/03/20 16:25:03 | 000,021,248 | ---- | C] (Padus, Inc.) -- C:\Windows\SysWow64\drivers\pfc.sys
[2014/03/20 16:24:33 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\PCDLIB32.DLL
[2014/03/20 16:21:33 | 000,483,328 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK.dll
[2014/03/20 16:21:33 | 000,045,056 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicPrt.dll
[2014/03/20 16:21:33 | 000,045,056 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicMgr.dll
[2014/03/20 16:13:00 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/03/20 16:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite
[2014/03/20 16:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/03/20 16:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
[2014/03/20 16:09:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2014/03/20 16:09:19 | 000,262,144 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysWow64\esint52.dll
[2014/03/20 16:09:19 | 000,180,224 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysWow64\eswia52.dll
[2014/03/20 13:08:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Unused Desktop Shortcuts
[2014/03/20 13:07:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\PCHF
[2014/03/20 13:07:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\OpenOffice.org 3.4.1 (en-US) Installation Files
[2014/03/20 13:07:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Image Software
[2014/03/20 13:07:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Adobe Reader 9 Installer
[2014/03/20 13:06:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Adobe InDesign CS5
[2014/03/20 13:06:18 | 015,492,608 | ---- | C] (Luis Cobian, CobianSoft) -- C:\Users\Owner\Desktop\cbSetup.exe
[2014/03/20 13:06:16 | 022,197,993 | ---- | C] (Zero G Software, Inc.) -- C:\Users\Owner\Desktop\ABFull.exe
[2014/03/20 13:06:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\CoffeeCup Software
[2014/03/20 13:03:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\{95EA60FC-B631-470C-98A7-B6EC973B6AA8}
[2014/03/20 13:03:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\ZENCART
[2014/03/20 13:03:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\ws_ftp
[2014/03/20 13:03:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Work At Home
[2014/03/20 13:03:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\WordPress
[2014/03/20 13:03:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\wmn
[2014/03/20 13:03:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Wind Storm 8-25-13
[2014/03/20 13:03:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Weedeater 1700
[2014/03/20 13:03:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\washer dryer
[2014/03/20 13:03:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Wallpaper
[2014/03/20 13:03:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\vivarium Tutorial
[2014/03/20 13:03:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\VA Medical History
[2014/03/20 13:03:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Upholstery Supplies
[2014/03/20 13:03:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Updater
[2014/03/20 13:03:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Twitter
[2014/03/20 13:03:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Turbo Lister Backup
[2014/03/20 13:03:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Turbo Lister
[2014/03/20 13:03:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Truck Rack
[2014/03/20 13:03:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Trinco
[2014/03/20 13:02:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\TRANSFER
[2014/03/20 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\TradeSmartU
[2014/03/20 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Tournament
[2014/03/20 13:01:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Tortoise Habitat
[2014/03/20 13:01:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\TEMPO
[2014/03/20 13:01:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Templates - Photoshop
[2014/03/20 13:00:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\TEMP
[2014/03/20 13:00:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Sue's
[2014/03/20 13:00:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Studebaker Shop Manual 2
[2014/03/20 12:59:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Studebaker Shop Manual 1
[2014/03/20 12:59:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Storage Shed Plans
[2014/03/20 12:58:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Stonehedge
[2014/03/20 12:50:22 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/03/20 12:50:22 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/03/20 12:50:20 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/03/20 12:50:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2014/03/20 12:50:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2014/03/20 12:50:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2014/03/20 12:49:45 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2014/03/20 12:49:45 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2014/03/20 12:49:45 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2014/03/20 12:49:44 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2014/03/20 12:49:44 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2014/03/20 12:49:44 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2014/03/20 12:49:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014/03/20 12:49:37 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/03/20 12:49:37 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/03/20 12:49:30 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/03/20 12:49:08 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/20 12:49:07 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/20 12:48:51 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2014/03/20 12:48:28 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/03/20 12:48:27 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/03/20 12:48:24 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2014/03/20 12:48:24 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2014/03/20 12:48:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2014/03/20 12:48:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2014/03/20 12:48:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2014/03/20 12:48:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2014/03/20 12:48:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2014/03/20 12:48:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2014/03/20 12:48:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2014/03/20 12:48:12 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/03/20 12:48:03 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/03/20 12:48:03 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/03/20 12:48:03 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/03/20 12:47:32 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014/03/20 12:47:32 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014/03/20 12:47:27 | 000,000,000 | --SD | C] -- C:\Users\Owner\Documents\Sticky Passwords
[2014/03/20 12:47:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\stockdata
[2014/03/20 12:47:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Stencils
[2014/03/20 12:47:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Stencil Machine
[2014/03/20 12:47:23 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/03/20 12:47:22 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/03/20 12:47:21 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014/03/20 12:47:21 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/03/20 12:47:21 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/03/20 12:47:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/03/20 12:47:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Springdale stuff
[2014/03/20 12:47:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Spider Web
[2014/03/20 12:44:41 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/03/20 12:44:40 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/03/20 12:44:40 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/03/20 12:44:40 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/03/20 12:44:40 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/03/20 12:44:39 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/03/20 12:44:39 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/03/20 12:44:39 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/03/20 12:44:39 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/03/20 12:44:38 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/03/20 12:44:38 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/03/20 12:44:38 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/03/20 12:44:38 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/03/20 12:44:37 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/03/20 12:44:37 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/03/20 12:44:37 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/03/20 12:44:37 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/03/20 12:43:13 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014/03/20 12:43:12 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014/03/20 12:43:10 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/03/20 12:43:09 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/03/20 12:43:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\Corporate Minutes
[2014/03/20 12:43:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/03/20 12:43:00 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2014/03/20 12:42:40 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/03/20 12:42:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\Rusting
[2014/03/20 12:42:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\New Folder
[2014/03/20 12:42:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\Images
[2014/03/20 12:42:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\12 Volt Resource
[2014/03/20 12:42:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\B&B Spreadsheet '02
[2014/03/20 12:41:57 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2014/03/20 12:41:57 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2014/03/20 12:41:56 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2014/03/20 12:41:56 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2014/03/20 12:41:56 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2014/03/20 12:41:56 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2014/03/20 12:41:55 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2014/03/20 12:41:55 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2014/03/20 12:41:55 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2014/03/20 12:41:55 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2014/03/20 12:41:55 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2014/03/20 12:41:54 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2014/03/20 12:41:54 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2014/03/20 12:41:48 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2014/03/20 12:41:42 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2014/03/20 12:41:42 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2014/03/20 12:41:09 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/03/20 12:41:08 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014/03/20 12:40:53 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/03/20 12:40:53 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/03/20 12:40:52 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014/03/20 12:40:52 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014/03/20 12:40:52 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014/03/20 12:40:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/03/20 12:40:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/03/20 12:40:40 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2014/03/20 12:40:39 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2014/03/20 12:40:13 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/03/20 12:40:13 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/03/20 12:40:01 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014/03/20 12:39:54 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/03/20 12:39:54 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/03/20 12:39:51 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/03/20 12:39:51 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/03/20 12:39:51 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014/03/20 12:39:51 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014/03/20 12:39:51 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/03/20 12:39:51 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014/03/20 12:39:51 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/03/20 12:39:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014/03/20 12:39:49 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2014/03/20 12:39:49 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2014/03/20 12:39:48 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2014/03/20 12:39:48 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2014/03/20 12:39:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Spanish
[2014/03/20 12:39:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\SONY BLU-RAY
[2014/03/20 12:39:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Skinners Pond
[2014/03/20 12:39:44 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/03/20 12:39:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Sitemaps
[2014/03/20 12:39:43 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/03/20 12:39:43 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/03/20 12:39:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/03/20 12:39:43 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/03/20 12:39:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Sitemap
[2014/03/20 12:39:35 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/03/20 12:39:33 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/03/20 12:39:33 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/03/20 12:39:32 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014/03/20 12:39:32 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014/03/20 12:39:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Silhouettes
[2014/03/20 12:39:30 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/03/20 12:39:29 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/03/20 12:39:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2014/03/20 12:39:19 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/03/20 12:39:19 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/03/20 12:39:19 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014/03/20 12:39:19 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014/03/20 12:39:18 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014/03/20 12:39:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014/03/20 12:39:18 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014/03/20 12:39:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014/03/20 12:39:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014/03/20 12:39:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014/03/20 12:39:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014/03/20 12:39:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014/03/20 12:39:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014/03/20 12:39:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014/03/20 12:39:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014/03/20 12:39:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014/03/20 12:39:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014/03/20 12:39:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014/03/20 12:39:09 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014/03/20 12:39:07 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/03/20 12:39:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2014/03/20 12:39:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2014/03/20 12:39:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014/03/20 12:39:01 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014/03/20 12:39:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014/03/20 12:39:00 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014/03/20 12:38:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014/03/20 12:38:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014/03/20 12:38:46 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2014/03/20 12:38:42 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/03/20 12:38:42 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/03/20 12:38:18 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/03/20 12:37:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Shopping Carts
[2014/03/20 12:37:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\SHOP MANUALS
[2014/03/20 12:37:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\SEO
[2014/03/20 12:37:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\sem-ebooks
[2014/03/20 12:37:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\scramble
[2014/03/20 12:37:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Rochester Linkage
[2014/03/20 12:37:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Rochester Carb
[2014/03/20 12:37:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/03/20 12:37:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2014/03/20 12:37:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2014/03/20 12:37:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\River 2014
[2014/03/20 12:37:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\RESUMES'
[2014/03/20 12:37:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\resource_v2
[2014/03/20 12:37:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\resource_backup
[2014/03/20 12:37:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Quincy Compressor
[2014/03/20 12:37:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Property View
[2014/03/20 12:37:30 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/03/20 12:37:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Press Release
[2014/03/20 12:37:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\prescreen_sr001
[2014/03/20 12:37:26 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014/03/20 12:37:26 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014/03/20 12:37:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Plastic molding
[2014/03/20 12:37:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Plastic Handles
[2014/03/20 12:36:50 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/03/20 12:36:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Plastic Casting
[2014/03/20 12:36:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Plant and Tree Rooting
[2014/03/20 12:36:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Pinterest Tutorials
[2014/03/20 12:36:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/03/20 12:36:28 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014/03/20 12:36:28 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014/03/20 12:36:28 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014/03/20 12:36:28 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014/03/20 12:36:28 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014/03/20 12:36:28 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014/03/20 12:36:28 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014/03/20 12:36:28 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014/03/20 12:36:28 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014/03/20 12:36:28 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014/03/20 12:36:28 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014/03/20 12:36:28 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014/03/20 12:36:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014/03/20 12:36:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014/03/20 12:36:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014/03/20 12:36:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014/03/20 12:36:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014/03/20 12:36:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014/03/20 12:36:28 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014/03/20 12:36:28 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014/03/20 12:36:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Pictures
[2014/03/20 12:36:27 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014/03/20 12:36:27 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014/03/20 12:36:27 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/03/20 12:36:26 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014/03/20 12:36:26 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014/03/20 12:36:26 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014/03/20 12:36:26 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014/03/20 12:36:26 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014/03/20 12:36:26 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014/03/20 12:36:26 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014/03/20 12:36:26 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014/03/20 12:36:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PHPRunnerProjects
[2014/03/20 12:36:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PHPRunnerLayouts
[2014/03/20 12:36:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PHP
[2014/03/20 12:36:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PFAFF 1245
[2014/03/20 12:36:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PATENT FORMS
[2014/03/20 12:36:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Pasture For Sale
[2014/03/20 12:36:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Pasture 2nd cut
[2014/03/20 12:36:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Paint Shop Pro 8
[2014/03/20 12:36:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\OTL
[2014/03/20 12:36:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Orange Crush
[2014/03/20 12:36:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\OpenOffice.org 3.3 (en-US) Installation Files
[2014/03/20 12:36:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\OneNote Notebooks
[2014/03/20 12:36:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\ONAN
[2014/03/20 12:35:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\New Folder
[2014/03/20 12:35:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Webs
[2014/03/20 12:35:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My PSP8 Files
[2014/03/20 12:35:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My PSP Files
[2014/03/20 12:35:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My PDFill
[2014/03/20 12:35:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Kindle Content
[2014/03/20 12:35:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Albums
[2014/03/20 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\MJ
[2014/03/20 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\misc
[2014/03/20 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Medical Records
[2014/03/20 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Marvel Carb
[2014/03/20 12:35:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\MARKETING YOUR PRODUCT
[2014/03/20 12:35:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Make Magazine
[2014/03/20 12:35:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\LYRICS
[2014/03/20 12:35:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Love Seat
[2014/03/20 12:35:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\liteCam
[2014/03/20 12:35:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\LimeSurvey
[2014/03/20 12:35:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Landscaping Projects
[2014/03/20 12:35:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Lake Reflections
[2014/03/20 12:34:37 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2014/03/20 12:34:36 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2014/03/20 12:34:36 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2014/03/20 12:34:35 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2014/03/20 12:34:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\httpstomper999comday-1
[2014/03/20 12:34:19 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014/03/20 12:34:19 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014/03/20 12:34:18 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014/03/20 12:34:18 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/03/20 12:34:18 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2014/03/20 12:34:18 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2014/03/20 12:34:18 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2014/03/20 12:33:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\How To's - Instructables
[2014/03/20 12:33:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\House Videos
[2014/03/20 12:33:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\House Construction
[2014/03/20 12:33:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\HOPS
[2014/03/20 12:33:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\here2
[2014/03/20 12:33:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\here
[2014/03/20 12:33:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Handles
[2014/03/20 12:33:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Government Grants
[2014/03/20 12:33:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Golfs
[2014/03/20 12:33:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\GOLFING
[2014/03/20 12:33:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Golf Swing Plane
[2014/03/20 12:32:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Golf DISTANCE
[2014/03/20 12:32:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Golf
[2014/03/20 12:32:50 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/03/20 12:32:49 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/03/20 12:32:49 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/03/20 12:32:48 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/03/20 12:32:48 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/03/20 12:32:48 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/03/20 12:32:48 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/03/20 12:32:47 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/03/20 12:32:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/03/20 12:32:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/03/20 12:32:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/03/20 12:32:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/03/20 12:32:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/03/20 12:32:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\GOLD
[2014/03/20 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\GIMP
[2014/03/20 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Geico
[2014/03/20 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\gegl-0.0
[2014/03/20 12:32:31 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/03/20 12:32:25 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/03/20 12:32:23 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014/03/20 12:32:23 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014/03/20 12:31:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014/03/20 12:31:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014/03/20 12:31:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/03/20 12:31:23 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/03/20 12:31:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/03/20 12:31:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Game of Thrones
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Gambrel Roof
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FrostWire
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FROGS
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Freemake
[2014/03/20 12:31:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FreeButtons Projects
[2014/03/20 12:31:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FotoMorph Data
[2014/03/20 12:31:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FotoMix Data
[2014/03/20 12:31:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Form
[2014/03/20 12:30:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FOOD TOOLZ
[2014/03/20 12:30:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Fonts
[2014/03/20 12:30:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\flpalbm_opf_files
[2014/03/20 12:30:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FIZZ
[2014/03/20 12:30:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Fitness Guides
[2014/03/20 12:30:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Fire Belly Frogs
[2014/03/20 12:30:16 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014/03/20 12:30:13 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/03/20 12:30:13 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014/03/20 12:30:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\FileZilla
[2014/03/20 12:30:09 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/03/20 12:30:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Expression
[2014/03/20 12:30:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Excercise - Stretch & Balance
[2014/03/20 12:30:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Employment
[2014/03/20 12:29:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014/03/20 12:29:56 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014/03/20 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\EMAIL IMAGES
[2014/03/20 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\EfficientPIM AutoBackup
[2014/03/20 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Ecwid Widgets
[2014/03/20 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\E-Commerce
[2014/03/20 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Ebay STuff
[2014/03/20 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\EBAY Stationary
[2014/03/20 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\DUMP
[2014/03/20 12:29:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Drain Field
[2014/03/20 12:29:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Downloads DELL
[2014/03/20 12:29:26 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014/03/20 12:29:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2014/03/20 12:20:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Downloads
[2014/03/20 12:20:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Dombroski Pics
[2014/03/20 12:20:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Devilibis  Compressor
[2014/03/20 12:20:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\dailyeod
[2014/03/20 12:20:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Contact
[2014/03/20 12:20:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Composting
[2014/03/20 12:12:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\CoffeeCup Software
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Coffee cup gifts
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Chrome
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Chili Recipes
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Caveman
[2014/03/20 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Casselman
[2014/03/20 12:12:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Carbs
[2014/03/20 12:12:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Camtasia Studio
[2014/03/20 12:12:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\California Fonts
[2014/03/20 12:12:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Caddy Card
[2014/03/20 12:12:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Buttons
[2014/03/20 12:12:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Business Loan
[2014/03/20 12:11:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\BOULDER WORDS
[2014/03/20 12:11:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Book_opf_files
[2014/03/20 12:11:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\BOOKS
[2014/03/20 12:11:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\BLUE RAZOR
[2014/03/20 12:11:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Blacksmith
[2014/03/20 12:11:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\B & B STORE
[2014/03/20 12:11:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Azureus Downloads
[2014/03/20 12:11:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Australian Redclaw Crayfish
[2014/03/20 12:11:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AquaPonics
[2014/03/20 12:11:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Aqua Clean Manual
[2014/03/20 12:11:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Altova
[2014/03/20 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Albums
[2014/03/20 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AeroFlo
[2014/03/20 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AdobeStockPhotos
[2014/03/20 12:11:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Add-in Express
[2014/03/20 12:10:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AcesBook_opf_files
[2014/03/20 12:10:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Aces Pics
[2014/03/20 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\ABS
[2014/03/20 12:10:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AA New Form
[2014/03/20 12:10:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AA Config
[2014/03/20 12:10:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\4-3 wire
[2014/03/20 12:10:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\1001
[2014/03/20 12:10:47 | 109,212,672 | ---- | C] (VMware, Inc.) -- C:\Users\Owner\Documents\VMware-player-3.1.4-385536.exe
[2014/03/20 12:08:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\Local
[2014/03/20 12:08:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\dwhelper
[2014/03/20 12:08:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\ChartNexus
[2014/03/20 12:08:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Auctonic
[2014/03/20 12:08:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\.thumbnails
[2014/03/20 12:08:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\.jstock
[2014/03/20 12:08:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\.gimp-2.8
[2014/03/20 12:08:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\.gimp-2.6
[2014/03/20 12:08:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\.frostwire5
[2014/03/20 12:08:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\MotiveWave Extensions
[2014/03/20 12:04:42 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014/03/20 12:04:11 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2014/03/20 12:04:09 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2014/03/20 12:04:06 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014/03/20 12:04:05 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014/03/20 12:04:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014/03/20 12:04:05 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014/03/20 12:01:34 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2014/03/20 12:01:34 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2014/03/20 12:01:33 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/03/20 12:01:33 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/03/20 12:01:33 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/03/20 12:01:33 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014/03/20 12:01:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/03/20 12:01:32 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/03/20 12:01:07 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/03/20 12:01:07 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2014/03/20 12:00:45 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/03/20 12:00:18 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/03/20 12:00:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/03/20 12:00:14 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014/03/20 11:59:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Adobe
[2014/03/20 11:59:50 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/03/20 11:59:50 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/03/20 11:59:49 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/03/20 11:59:49 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/03/20 11:59:45 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2014/03/20 11:59:44 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2014/03/20 11:58:46 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/03/20 11:58:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/03/20 11:39:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/06 13:09:54 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/06 13:06:13 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/06 13:06:13 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/06 13:00:12 | 000,002,305 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/04/06 12:56:57 | 000,630,784 | ---- | M] () -- C:\Users\Owner\Documents\MyReminder.erf
[2014/04/06 12:56:29 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Owner.job
[2014/04/06 12:56:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/06 12:55:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/06 12:55:46 | 1583,951,872 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/06 12:45:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/06 12:03:12 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/06 12:01:00 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 277f104f-cb47-45fc-b79c-739ee2537d65.job
[2014/04/06 12:00:10 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/05 14:07:38 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/05 12:40:00 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task cd608569-4bf1-4c34-9d3c-41f17e29b13e.job
[2014/04/05 12:00:47 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/04/05 11:20:47 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\Gadwin PrintScreen (64-Bit).lnk
[2014/04/05 10:09:26 | 000,002,975 | ---- | M] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2014/04/05 09:08:12 | 000,000,013 | ---- | M] () -- C:\Windows\SysWow64\WinSys32.crc
[2014/04/05 09:06:11 | 000,000,889 | ---- | M] () -- C:\Users\Owner\Desktop\CoffeeCup HTML Editor.lnk
[2014/04/05 07:06:59 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Owner.job
[2014/04/04 22:00:10 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Owner.job
[2014/04/04 12:34:59 | 001,426,178 | ---- | M] () -- C:\Users\Owner\Desktop\adwcleaner.exe
[2014/04/04 10:17:11 | 000,007,624 | ---- | M] () -- C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
[2014/04/03 20:35:32 | 305,718,052 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/04/03 13:54:01 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2014/04/03 09:50:27 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/03 09:50:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/02 14:13:13 | 000,001,829 | ---- | M] () -- C:\Users\Owner\Documents\BOULDER WORDS - Shortcut (2).lnk
[2014/03/31 08:25:34 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/03/30 16:35:33 | 000,727,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/30 16:35:33 | 000,624,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/30 16:35:33 | 000,106,502 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/28 07:20:23 | 005,945,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/27 16:58:00 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Font Viewer.lnk
[2014/03/25 15:47:44 | 000,001,040 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2014/03/25 13:06:48 | 000,398,388 | ---- | M] () -- C:\Users\Owner\Documents\A11temp.EPS
[2014/03/25 11:28:08 | 000,000,295 | ---- | M] () -- C:\Users\Owner\Desktop\Cool Edit.lnk
[2014/03/25 11:21:15 | 000,001,883 | ---- | M] () -- C:\Users\Owner\Desktop\BOULDER WORDS.lnk
[2014/03/23 08:51:32 | 000,000,840 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Efficient Reminder Free.lnk
[2014/03/22 14:57:14 | 000,001,411 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/22 14:55:40 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\WinPCSIGN Pro 2010.lnk
[2014/03/22 10:50:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/03/22 10:50:48 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/03/22 10:50:48 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/03/22 10:50:48 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/03/22 10:50:46 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/03/22 10:50:46 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/03/22 10:50:46 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/03/22 10:50:46 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/03/22 10:50:45 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/03/22 10:50:45 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/03/22 10:50:45 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/03/22 10:50:45 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/22 10:50:44 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/03/22 10:50:44 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/03/22 10:50:44 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/03/22 10:50:44 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/03/22 10:50:43 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/03/22 10:50:42 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/03/22 10:50:42 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/03/22 10:50:41 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/22 10:50:41 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/03/22 10:50:41 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/03/22 10:50:41 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/03/22 10:50:41 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/03/22 10:50:40 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/03/22 10:50:40 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/03/22 10:50:40 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/03/22 10:50:40 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/03/22 10:50:39 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/03/22 10:50:39 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/03/22 10:50:38 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/03/22 10:50:38 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/03/22 10:50:38 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/03/22 10:50:37 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/03/22 10:50:37 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/03/22 10:50:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/03/22 10:50:37 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/03/22 10:50:36 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/03/22 10:50:36 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/03/22 10:50:36 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/03/22 10:50:35 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/03/22 10:50:35 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/03/22 10:50:34 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/03/22 10:50:34 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/03/22 10:50:34 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/22 10:50:33 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/03/22 10:50:33 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/03/22 10:50:33 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/03/22 10:50:32 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/03/22 10:50:32 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/03/22 10:50:31 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/03/22 10:50:31 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/03/22 10:50:31 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/03/22 10:50:30 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/22 10:50:30 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/03/22 10:50:30 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/03/22 10:50:30 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/03/22 10:17:48 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2014/03/22 10:05:13 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 7.0.lnk
[2014/03/22 10:04:32 | 000,001,214 | ---- | M] () -- C:\Users\Public\Desktop\PERF3490P_3590P User's Guide.lnk
[2014/03/22 08:32:02 | 000,001,731 | ---- | M] () -- C:\Users\Owner\Desktop\XReminder - Shortcut.lnk
[2014/03/22 07:32:29 | 000,001,401 | ---- | M] () -- C:\Users\Owner\Desktop\Paint Shop Pro -.lnk
[2014/03/22 07:25:38 | 000,001,309 | ---- | M] () -- C:\Users\Owner\Desktop\EfficientReminderFree - Shortcut.lnk
[2014/03/21 22:28:39 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/21 22:28:39 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/03/21 22:28:39 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/21 22:28:39 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/21 22:28:39 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/03/21 22:28:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/21 22:28:38 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/03/21 22:28:38 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/03/21 22:28:38 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/03/21 22:28:38 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/03/21 22:28:38 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/21 22:28:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/03/21 22:28:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/03/21 22:28:38 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/21 22:28:38 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/03/21 22:28:37 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/03/21 22:28:37 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/03/21 22:28:36 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/03/21 22:28:36 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/03/21 22:28:34 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/03/21 22:28:34 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/03/21 22:28:34 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/03/21 22:28:34 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/03/21 22:28:34 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/03/21 22:28:33 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/03/21 22:28:33 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/03/21 22:28:33 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/03/21 19:04:29 | 000,001,432 | ---- | M] () -- C:\Users\Public\Desktop\EditPad Pro.lnk
[2014/03/21 18:52:51 | 000,001,268 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/03/21 18:52:10 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/03/21 18:51:59 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2014/03/21 18:51:59 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2014/03/21 18:51:57 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/03/21 14:21:06 | 000,002,114 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/03/21 14:02:18 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/03/21 11:56:05 | 000,051,988 | ---- | M] () -- C:\Users\Owner\Documents\KEYCHAIN.odt
[2014/03/21 09:11:35 | 000,000,513 | ---- | M] () -- C:\Users\Owner\Desktop\My Documents.lnk
[2014/03/21 08:43:35 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2014/03/20 22:19:08 | 000,001,314 | ---- | M] () -- C:\Users\Public\Desktop\Shopping Cart Designer Pro.lnk
[2014/03/20 22:17:14 | 000,001,298 | ---- | M] () -- C:\Users\Public\Desktop\Shopping Cart Designer.lnk
[2014/03/20 22:15:16 | 000,038,912 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\SharedSettings.ccs
[2014/03/20 22:15:02 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\Shopping Cart Creator Pro.lnk
[2014/03/20 22:08:50 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Shopping Cart Creator.lnk
[2014/03/20 21:52:05 | 000,000,687 | ---- | M] () -- C:\Users\Owner\Desktop\Copernic.lnk
[2014/03/20 18:34:43 | 000,001,012 | ---- | M] () -- C:\Users\Owner\Desktop\Password Keychain.lnk
[2014/03/20 18:23:55 | 000,000,622 | ---- | M] () -- C:\Users\Owner\Desktop\CdTree 3.lnk
[2014/03/20 18:19:25 | 000,000,727 | ---- | M] () -- C:\Users\Owner\Desktop\Sitemapper.lnk
[2014/03/20 18:15:19 | 000,000,837 | ---- | M] () -- C:\Users\Owner\Desktop\HTML Editor.lnk
[2014/03/20 18:04:07 | 000,008,284 | ---- | M] () -- C:\Windows\SysWow64\eps_icon.avi
[2014/03/20 17:53:55 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/20 17:46:50 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/20 13:19:25 | 000,009,721 | ---- | M] () -- C:\Users\Owner\Desktop\Registration_Login.eml
[2014/03/17 12:15:46 | 000,085,386 | ---- | M] () -- C:\Users\Owner\Documents\VA Bergman Payment History.pdf
[2014/03/15 08:58:20 | 000,050,688 | ---- | M] () -- C:\Users\Owner\Documents\THANK YOU.pub
[2014/03/07 17:09:33 | 000,002,283 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/07 17:08:22 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
 
========== Files Created - No Company Name ==========
 
[2014/04/05 14:07:38 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/05 12:01:47 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 277f104f-cb47-45fc-b79c-739ee2537d65.job
[2014/04/05 12:01:44 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task cd608569-4bf1-4c34-9d3c-41f17e29b13e.job
[2014/04/05 12:00:47 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/04/05 11:20:47 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\Gadwin PrintScreen (64-Bit).lnk
[2014/04/05 10:09:26 | 000,002,975 | ---- | C] () -- C:\Users\Owner\Desktop\HiJackThis.lnk
[2014/04/05 09:06:18 | 000,000,013 | ---- | C] () -- C:\Windows\SysWow64\WinSys32.crc
[2014/04/05 09:06:11 | 000,000,889 | ---- | C] () -- C:\Users\Owner\Desktop\CoffeeCup HTML Editor.lnk
[2014/04/04 12:34:18 | 001,426,178 | ---- | C] () -- C:\Users\Owner\Desktop\adwcleaner.exe
[2014/04/04 07:36:13 | 000,002,305 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/04/02 21:59:03 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Owner.job
[2014/04/02 21:59:02 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Owner.job
[2014/04/02 21:59:01 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Owner.job
[2014/04/02 14:13:13 | 000,001,829 | ---- | C] () -- C:\Users\Owner\Documents\BOULDER WORDS - Shortcut (2).lnk
[2014/03/27 16:58:00 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\Font Viewer.lnk
[2014/03/25 15:47:44 | 000,001,040 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2014/03/25 11:21:15 | 000,001,883 | ---- | C] () -- C:\Users\Owner\Desktop\BOULDER WORDS.lnk
[2014/03/23 22:20:47 | 000,007,624 | ---- | C] () -- C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
[2014/03/23 08:51:32 | 000,000,840 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Efficient Reminder Free.lnk
[2014/03/22 14:57:14 | 000,001,411 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/22 14:55:40 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\WinPCSIGN Pro 2010.lnk
[2014/03/22 10:50:45 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/22 10:50:34 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/22 10:17:38 | 000,064,000 | ---- | C] () -- C:\Windows\SysNative\esfw52.bin
[2014/03/22 10:05:13 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 7.0.lnk
[2014/03/22 10:05:12 | 000,002,459 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 7.0.lnk
[2014/03/22 08:32:02 | 000,001,731 | ---- | C] () -- C:\Users\Owner\Desktop\XReminder - Shortcut.lnk
[2014/03/22 07:32:29 | 000,001,401 | ---- | C] () -- C:\Users\Owner\Desktop\Paint Shop Pro -.lnk
[2014/03/22 07:25:38 | 000,001,309 | ---- | C] () -- C:\Users\Owner\Desktop\EfficientReminderFree - Shortcut.lnk
[2014/03/21 21:53:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/03/21 19:04:29 | 000,001,432 | ---- | C] () -- C:\Users\Public\Desktop\EditPad Pro.lnk
[2014/03/21 18:52:51 | 000,001,268 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2014/03/21 14:02:18 | 000,002,114 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/03/21 14:02:18 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2014/03/21 14:02:18 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/03/21 08:55:26 | 000,051,988 | ---- | C] () -- C:\Users\Owner\Documents\KEYCHAIN.odt
[2014/03/21 08:43:35 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2014/03/20 22:19:08 | 000,001,314 | ---- | C] () -- C:\Users\Public\Desktop\Shopping Cart Designer Pro.lnk
[2014/03/20 22:17:14 | 000,001,298 | ---- | C] () -- C:\Users\Public\Desktop\Shopping Cart Designer.lnk
[2014/03/20 22:15:14 | 000,038,912 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\SharedSettings.ccs
[2014/03/20 22:15:02 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\Shopping Cart Creator Pro.lnk
[2014/03/20 22:02:53 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Shopping Cart Creator.lnk
[2014/03/20 21:07:40 | 305,718,052 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/03/20 19:41:41 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2014/03/20 18:34:43 | 000,001,012 | ---- | C] () -- C:\Users\Owner\Desktop\Password Keychain.lnk
[2014/03/20 18:04:07 | 000,008,284 | ---- | C] () -- C:\Windows\SysWow64\eps_icon.avi
[2014/03/20 17:46:50 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/03/20 17:46:50 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/20 16:25:19 | 000,001,214 | ---- | C] () -- C:\Users\Public\Desktop\PERF3490P_3590P User's Guide.lnk
[2014/03/20 16:21:33 | 000,066,532 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2014/03/20 16:21:33 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2014/03/20 16:21:33 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2014/03/20 16:21:33 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2014/03/20 16:21:33 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2014/03/20 16:21:33 | 000,012,669 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg
[2014/03/20 16:21:33 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2014/03/20 16:21:33 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg
[2014/03/20 16:21:33 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg
[2014/03/20 16:21:33 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg
[2014/03/20 16:21:33 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg
[2014/03/20 16:21:33 | 000,006,226 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg
[2014/03/20 16:21:33 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2014/03/20 16:21:33 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2014/03/20 16:21:33 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2014/03/20 16:21:33 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2014/03/20 16:21:33 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2014/03/20 16:21:33 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2014/03/20 16:21:33 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2014/03/20 16:21:33 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2014/03/20 16:09:21 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2014/03/20 16:09:19 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\esfw52.bin
[2014/03/20 13:06:25 | 000,542,208 | ---- | C] () -- C:\Users\Owner\Desktop\PageSpeedTester.exe
[2014/03/20 13:06:25 | 000,083,931 | ---- | C] () -- C:\Users\Owner\Desktop\PCHF.zip
[2014/03/20 13:06:25 | 000,009,721 | ---- | C] () -- C:\Users\Owner\Desktop\Registration_Login.eml
[2014/03/20 13:06:25 | 000,000,654 | ---- | C] () -- C:\Users\Owner\Desktop\RehabValuatorLite.lnk
[2014/03/20 13:06:25 | 000,000,394 | ---- | C] () -- C:\Users\Owner\Desktop\SolSuite.lnk
[2014/03/20 13:06:24 | 000,000,095 | ---- | C] () -- C:\Users\Owner\Desktop\Outlook - toburgie@hotmail.com.URL
[2014/03/20 13:06:23 | 158,067,944 | ---- | C] () -- C:\Users\Owner\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe
[2014/03/20 13:06:20 | 140,467,400 | ---- | C] () -- C:\Users\Owner\Desktop\OOo_3.2.1_Win_x86_install_en-US.exe
[2014/03/20 13:06:19 | 000,000,513 | ---- | C] () -- C:\Users\Owner\Desktop\My Documents.lnk
[2014/03/20 13:06:18 | 000,002,058 | ---- | C] () -- C:\Users\Owner\Desktop\IFS Charting Station.lnk
[2014/03/20 13:06:18 | 000,000,837 | ---- | C] () -- C:\Users\Owner\Desktop\HTML Editor.lnk
[2014/03/20 13:06:18 | 000,000,727 | ---- | C] () -- C:\Users\Owner\Desktop\Sitemapper.lnk
[2014/03/20 13:06:18 | 000,000,687 | ---- | C] () -- C:\Users\Owner\Desktop\Copernic.lnk
[2014/03/20 13:06:18 | 000,000,622 | ---- | C] () -- C:\Users\Owner\Desktop\CdTree 3.lnk
[2014/03/20 13:06:18 | 000,000,295 | ---- | C] () -- C:\Users\Owner\Desktop\Cool Edit.lnk
[2014/03/20 13:06:16 | 000,000,062 | ---- | C] () -- C:\Users\Owner\Desktop\Access cPanel Webmail.URL
[2014/03/20 12:39:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/03/20 12:10:49 | 007,641,637 | ---- | C] () -- C:\Users\Owner\Documents\Wiscon vh4d-parts-manual.pdf
[2014/03/20 12:10:49 | 001,366,810 | ---- | C] () -- C:\Users\Owner\Documents\ZEN-implementation-guide-beta.pdf
[2014/03/20 12:10:49 | 000,023,663 | ---- | C] () -- C:\Users\Owner\Documents\zigzag-blue-ks.jpg
[2014/03/20 12:10:48 | 002,010,883 | ---- | C] () -- C:\Users\Owner\Documents\Who_Is_She-1.pdf
[2014/03/20 12:10:48 | 000,093,391 | ---- | C] () -- C:\Users\Owner\Documents\Washington Sales Tax (Counties).pdf
[2014/03/20 12:10:44 | 006,961,749 | ---- | C] () -- C:\Users\Owner\Documents\Vizio_M550SV.pdf
[2014/03/20 12:10:44 | 006,200,553 | ---- | C] () -- C:\Users\Owner\Documents\Uptime_small.wmv
[2014/03/20 12:10:44 | 003,354,704 | ---- | C] () -- C:\Users\Owner\Documents\Vizio E701i-A3 QSG.pdf
[2014/03/20 12:10:44 | 001,108,085 | ---- | C] () -- C:\Users\Owner\Documents\Ubiquiti_datasheet.pdf
[2014/03/20 12:10:44 | 000,728,996 | ---- | C] () -- C:\Users\Owner\Documents\Under Floor Heating.pdf
[2014/03/20 12:10:44 | 000,097,087 | ---- | C] () -- C:\Users\Owner\Documents\Vacuum tubes.jpg
[2014/03/20 12:10:44 | 000,087,023 | ---- | C] () -- C:\Users\Owner\Documents\Vacuum tubes1.jpg
[2014/03/20 12:10:44 | 000,085,386 | ---- | C] () -- C:\Users\Owner\Documents\VA Bergman Payment History.pdf
[2014/03/20 12:10:44 | 000,029,769 | ---- | C] () -- C:\Users\Owner\Documents\US Bank Statement.pdf
[2014/03/20 12:10:44 | 000,028,324 | ---- | C] () -- C:\Users\Owner\Documents\US Bank Statement2.pdf
[2014/03/20 12:10:43 | 007,220,285 | ---- | C] () -- C:\Users\Owner\Documents\TrimBrite.pdf
[2014/03/20 12:10:43 | 002,992,663 | ---- | C] () -- C:\Users\Owner\Documents\ToplessAussies.pdf
[2014/03/20 12:10:43 | 000,721,359 | ---- | C] () -- C:\Users\Owner\Documents\TwitterEffectively09.pdf
[2014/03/20 12:10:34 | 335,308,192 | ---- | C] () -- C:\Users\Owner\Documents\Thunderbird 3.0 (en-US) - 2010-01-23.pcv
[2014/03/20 12:10:33 | 008,292,805 | ---- | C] () -- C:\Users\Owner\Documents\SpokaneCountyMap2012.pdf
[2014/03/20 12:10:33 | 001,994,687 | ---- | C] () -- C:\Users\Owner\Documents\TheNextGoldRush1.0.pdf
[2014/03/20 12:10:33 | 000,943,307 | ---- | C] () -- C:\Users\Owner\Documents\Siouxland(CMYK).pdf
[2014/03/20 12:10:33 | 000,929,818 | ---- | C] () -- C:\Users\Owner\Documents\SpokaneCommunityCare.pdf
[2014/03/20 12:10:33 | 000,515,760 | ---- | C] () -- C:\Users\Owner\Documents\Snowblower_prices.pdf
[2014/03/20 12:10:33 | 000,267,920 | ---- | C] () -- C:\Users\Owner\Documents\swivel electrical connector.pdf
[2014/03/20 12:10:33 | 000,262,612 | ---- | C] () -- C:\Users\Owner\Documents\SpokaneCounty2012ExemptionForm.pdf
[2014/03/20 12:10:33 | 000,208,519 | ---- | C] () -- C:\Users\Owner\Documents\Sundance.jpg
[2014/03/20 12:10:33 | 000,200,998 | ---- | C] () -- C:\Users\Owner\Documents\Sundance1.jpg
[2014/03/20 12:10:33 | 000,162,639 | ---- | C] () -- C:\Users\Owner\Documents\Simple_template.pdf
[2014/03/20 12:10:33 | 000,113,664 | ---- | C] () -- C:\Users\Owner\Documents\ThanksEmail.pub
[2014/03/20 12:10:33 | 000,064,435 | ---- | C] () -- C:\Users\Owner\Documents\Spokane Golf and Travel Show 2014_1.pdf
[2014/03/20 12:10:33 | 000,050,688 | ---- | C] () -- C:\Users\Owner\Documents\THANK YOU.pub
[2014/03/20 12:10:33 | 000,001,054 | ---- | C] () -- C:\Users\Owner\Documents\TheFind_Feed_Header.csv
[2014/03/20 12:10:32 | 006,128,636 | ---- | C] () -- C:\Users\Owner\Documents\Shorting Stock TSU virtual trade.flv
[2014/03/20 12:10:32 | 005,499,999 | ---- | C] () -- C:\Users\Owner\Documents\Signage.pdf
[2014/03/20 12:10:32 | 003,606,479 | ---- | C] () -- C:\Users\Owner\Documents\silhouettes005.jpg
[2014/03/20 12:10:30 | 038,209,776 | ---- | C] () -- C:\Users\Owner\Documents\Shorting Stock TSU virtual trade.avi
[2014/03/20 12:10:30 | 012,896,505 | ---- | C] () -- C:\Users\Owner\Documents\Shoreline DOE Findings.pdf
[2014/03/20 12:10:29 | 007,030,167 | ---- | C] () -- C:\Users\Owner\Documents\Road Runner
[2014/03/20 12:10:29 | 006,821,472 | ---- | C] () -- C:\Users\Owner\Documents\Search Engine Marketing~tqw~_darksiderg.pdf
[2014/03/20 12:10:29 | 005,034,886 | ---- | C] () -- C:\Users\Owner\Documents\SaltWater.wmv
[2014/03/20 12:10:29 | 001,873,616 | ---- | C] () -- C:\Users\Owner\Documents\Ryobi Miter Saw TS1551_282_eng.pdf
[2014/03/20 12:10:29 | 000,986,589 | ---- | C] () -- C:\Users\Owner\Documents\ScanahandTemplate1.jpg
[2014/03/20 12:10:29 | 000,871,628 | ---- | C] () -- C:\Users\Owner\Documents\retire-on-$10k.pdf
[2014/03/20 12:10:29 | 000,231,364 | ---- | C] () -- C:\Users\Owner\Documents\Rochester Carb005.jpg
[2014/03/20 12:10:29 | 000,164,421 | ---- | C] () -- C:\Users\Owner\Documents\Resume USA Jobs023.jpg
[2014/03/20 12:10:29 | 000,062,431 | ---- | C] () -- C:\Users\Owner\Documents\Reman Numbers.pdf
[2014/03/20 12:10:29 | 000,047,605 | ---- | C] () -- C:\Users\Owner\Documents\Resident_Opinion0001-1.pdf
[2014/03/20 12:10:29 | 000,026,029 | ---- | C] () -- C:\Users\Owner\Documents\rockwell_chandelier_Med.jpg
[2014/03/20 12:10:29 | 000,004,650 | ---- | C] () -- C:\Users\Owner\Documents\setup.css
[2014/03/20 12:10:29 | 000,000,117 | ---- | C] () -- C:\Users\Owner\Documents\serverupdate.dat
[2014/03/20 12:10:28 | 002,666,612 | ---- | C] () -- C:\Users\Owner\Documents\Propane Tubing.pdf
[2014/03/20 12:10:28 | 001,387,833 | ---- | C] () -- C:\Users\Owner\Documents\PP_OrderMgmt_IntegrationGuide.pdf
[2014/03/20 12:10:28 | 001,340,112 | ---- | C] () -- C:\Users\Owner\Documents\POTLIFTER.pdf
[2014/03/20 12:10:28 | 001,000,665 | ---- | C] () -- C:\Users\Owner\Documents\pspbrwse.jbf
[2014/03/20 12:10:28 | 000,953,883 | ---- | C] () -- C:\Users\Owner\Documents\Priority Mail Rates.pdf
[2014/03/20 12:10:28 | 000,781,413 | ---- | C] () -- C:\Users\Owner\Documents\Pond Plans.pdf
[2014/03/20 12:10:28 | 000,552,345 | ---- | C] () -- C:\Users\Owner\Documents\ProtectYourComputer.pdf
[2014/03/20 12:10:28 | 000,407,670 | ---- | C] () -- C:\Users\Owner\Documents\Registration ISUZU.jpg
[2014/03/20 12:10:28 | 000,407,605 | ---- | C] () -- C:\Users\Owner\Documents\Registration ISUZU007.jpg
[2014/03/20 12:10:28 | 000,365,485 | ---- | C] () -- C:\Users\Owner\Documents\PoultryPen.pdf
[2014/03/20 12:10:28 | 000,193,316 | ---- | C] () -- C:\Users\Owner\Documents\prob.jpg
[2014/03/20 12:10:28 | 000,133,227 | ---- | C] () -- C:\Users\Owner\Documents\Plant Guide for QUAKING ASPEN.pdf
[2014/03/20 12:10:28 | 000,034,564 | ---- | C] () -- C:\Users\Owner\Documents\Raspberries and Blackberries.odt
[2014/03/20 12:10:27 | 004,364,945 | ---- | C] () -- C:\Users\Owner\Documents\PayPal WebsitePaymentsStandard_IntegrationGuide.pdf
[2014/03/20 12:10:27 | 001,973,760 | ---- | C] () -- C:\Users\Owner\Documents\Pearlann-Golf.pps
[2014/03/20 12:10:27 | 000,079,655 | ---- | C] () -- C:\Users\Owner\Documents\Pelosi_L2.pdf
[2014/03/20 12:10:27 | 000,047,275 | ---- | C] () -- C:\Users\Owner\Documents\PIPEcharts.pdf
[2014/03/20 12:10:27 | 000,027,323 | ---- | C] () -- C:\Users\Owner\Documents\Pipe-Dimensions-Weights-Chart.pdf
[2014/03/20 12:10:27 | 000,012,887 | ---- | C] () -- C:\Users\Owner\Documents\optionpurchaserealestate.pdf
[2014/03/20 12:10:26 | 013,961,218 | ---- | C] () -- C:\Users\Owner\Documents\Onan Master Service Manual.pdf
[2014/03/20 12:10:26 | 002,451,078 | ---- | C] () -- C:\Users\Owner\Documents\M_MONROE_POSTER.jpg
[2014/03/20 12:10:26 | 002,352,966 | ---- | C] () -- C:\Users\Owner\Documents\OLYMPUS SP-600UZ_Instruction_Manual_EN.pdf
[2014/03/20 12:10:26 | 002,352,966 | ---- | C] () -- C:\Users\Owner\Documents\Olympus SP-600UZ Camera.pdf
[2014/03/20 12:10:26 | 001,120,018 | ---- | C] () -- C:\Users\Owner\Documents\Motor_Vehicle_Collision_Report_empowered1.pdf
[2014/03/20 12:10:26 | 000,630,784 | ---- | C] () -- C:\Users\Owner\Documents\MyReminder.erf
[2014/03/20 12:10:26 | 000,473,814 | ---- | C] () -- C:\Users\Owner\Documents\NCP return equip.jpg
[2014/03/20 12:10:26 | 000,253,266 | ---- | C] () -- C:\Users\Owner\Documents\Mystery shopperapp.pdf
[2014/03/20 12:10:26 | 000,129,525 | ---- | C] () -- C:\Users\Owner\Documents\MUSKRAT CONTROL AND DAMAGE.pdf
[2014/03/20 12:10:26 | 000,040,069 | ---- | C] () -- C:\Users\Owner\Documents\o.jpg
[2014/03/20 12:10:26 | 000,010,365 | ---- | C] () -- C:\Users\Owner\Documents\New Database1.odb
[2014/03/20 12:10:26 | 000,002,646 | ---- | C] () -- C:\Users\Owner\Documents\New Database.odb
[2014/03/20 12:10:26 | 000,002,319 | ---- | C] () -- C:\Users\Owner\Documents\New Database2.odb
[2014/03/20 12:10:25 | 003,190,274 | ---- | C] () -- C:\Users\Owner\Documents\LIEBHERRCARWASH.WMV
[2014/03/20 12:10:25 | 002,679,796 | ---- | C] () -- C:\Users\Owner\Documents\MACSeatingBowl.pdf
[2014/03/20 12:10:25 | 002,112,215 | ---- | C] () -- C:\Users\Owner\Documents\MACSeatingBowl9_2_04.pdf
[2014/03/20 12:10:25 | 001,448,112 | ---- | C] () -- C:\Users\Owner\Documents\Medicare-Asuris.pdf
[2014/03/20 12:10:25 | 001,344,537 | ---- | C] () -- C:\Users\Owner\Documents\Monroe1b.jpg
[2014/03/20 12:10:25 | 001,302,055 | ---- | C] () -- C:\Users\Owner\Documents\Motorola Tracfone Manual.pdf
[2014/03/20 12:10:25 | 001,282,271 | ---- | C] () -- C:\Users\Owner\Documents\low_pass.wmv
[2014/03/20 12:10:25 | 001,268,265 | ---- | C] () -- C:\Users\Owner\Documents\Medicare-Humana.pdf
[2014/03/20 12:10:25 | 001,230,426 | ---- | C] () -- C:\Users\Owner\Documents\Monroe1a.jpg
[2014/03/20 12:10:25 | 001,160,125 | ---- | C] () -- C:\Users\Owner\Documents\marsh_stencil_machine_manual.pdf
[2014/03/20 12:10:25 | 001,120,018 | ---- | C] () -- C:\Users\Owner\Documents\Motor_Vehicle_Collision_Report_empowered.pdf
[2014/03/20 12:10:25 | 001,078,510 | ---- | C] () -- C:\Users\Owner\Documents\Monroe001.jpg
[2014/03/20 12:10:25 | 000,480,911 | ---- | C] () -- C:\Users\Owner\Documents\Monroe1c.jpg
[2014/03/20 12:10:25 | 000,071,360 | ---- | C] () -- C:\Users\Owner\Documents\Liqueurs.odt
[2014/03/20 12:10:25 | 000,021,148 | ---- | C] () -- C:\Users\Owner\Documents\liquid-measures.jpg
[2014/03/20 12:10:25 | 000,021,140 | ---- | C] () -- C:\Users\Owner\Documents\liquid-measures.gif
[2014/03/20 12:10:24 | 011,747,703 | ---- | C] () -- C:\Users\Owner\Documents\InnerGlass.pdf
[2014/03/20 12:10:24 | 004,873,753 | ---- | C] () -- C:\Users\Owner\Documents\Lawyer Nursery Catalog.pdf
[2014/03/20 12:10:24 | 004,728,203 | ---- | C] () -- C:\Users\Owner\Documents\KeeneCatalog.pdf
[2014/03/20 12:10:24 | 004,291,721 | ---- | C] () -- C:\Users\Owner\Documents\LawyerNursery2009_2010Catalog.pdf
[2014/03/20 12:10:24 | 000,650,930 | ---- | C] () -- C:\Users\Owner\Documents\lame3.99.5.zip
[2014/03/20 12:10:24 | 000,220,812 | ---- | C] () -- C:\Users\Owner\Documents\K&N filter cleaning instructions.pdf
[2014/03/20 12:10:24 | 000,158,490 | ---- | C] () -- C:\Users\Owner\Documents\JARPA 2012(2).pdf
[2014/03/20 12:10:24 | 000,146,505 | ---- | C] () -- C:\Users\Owner\Documents\Ionic Breeze.pdf
[2014/03/20 12:10:23 | 005,648,390 | ---- | C] () -- C:\Users\Owner\Documents\HOW_TO_TELL_A_JOKE.wmv
[2014/03/20 12:10:23 | 004,701,531 | ---- | C] () -- C:\Users\Owner\Documents\indiegogo-field-guide-for-campaigners2.original.pdf
[2014/03/20 12:10:23 | 002,582,492 | ---- | C] () -- C:\Users\Owner\Documents\Heat Tape ownersman_web.pdf
[2014/03/20 12:10:23 | 002,064,707 | ---- | C] () -- C:\Users\Owner\Documents\HP Notebook Manual.pdf
[2014/03/20 12:10:23 | 001,393,138 | ---- | C] () -- C:\Users\Owner\Documents\Horizon[1]-1.pdf
[2014/03/20 12:10:23 | 001,393,137 | ---- | C] () -- C:\Users\Owner\Documents\Horizon (2)-1.pdf
[2014/03/20 12:10:23 | 000,351,543 | ---- | C] () -- C:\Users\Owner\Documents\Heat Tape_broch_web.pdf
[2014/03/20 12:10:23 | 000,132,959 | ---- | C] () -- C:\Users\Owner\Documents\HIO Contract.PDF
[2014/03/20 12:10:23 | 000,130,108 | ---- | C] () -- C:\Users\Owner\Documents\InDesign CS5 Read Me.pdf
[2014/03/20 12:10:23 | 000,088,449 | ---- | C] () -- C:\Users\Owner\Documents\img1.jpg
[2014/03/20 12:10:23 | 000,059,145 | ---- | C] () -- C:\Users\Owner\Documents\HF.jpg
[2014/03/20 12:10:23 | 000,056,582 | ---- | C] () -- C:\Users\Owner\Documents\IMG_0148mn1.jpg
[2014/03/20 12:10:23 | 000,035,185 | ---- | C] () -- C:\Users\Owner\Documents\Image1.gif
[2014/03/20 12:10:22 | 005,127,439 | ---- | C] () -- C:\Users\Owner\Documents\GunCONTROL_Shatner.wmv
[2014/03/20 12:10:22 | 002,302,973 | ---- | C] () -- C:\Users\Owner\Documents\Grommet Machine Instructions for printing.pdf
[2014/03/20 12:10:22 | 001,348,224 | ---- | C] () -- C:\Users\Owner\Documents\GroundFloorDeck.pdf
[2014/03/20 12:10:22 | 000,861,876 | ---- | C] () -- C:\Users\Owner\Documents\GOLFUN Magazine.bpf
[2014/03/20 12:10:22 | 000,508,230 | ---- | C] () -- C:\Users\Owner\Documents\Gonzaga1004.jpg
[2014/03/20 12:10:22 | 000,499,712 | ---- | C] () -- C:\Users\Owner\Documents\GOLFUN Magazine.bpd
[2014/03/20 12:10:22 | 000,391,115 | ---- | C] () -- C:\Users\Owner\Documents\Gonzaga003.jpg
[2014/03/20 12:10:22 | 000,291,063 | ---- | C] () -- C:\Users\Owner\Documents\Golf Today NW_Pricing.pdf
[2014/03/20 12:10:22 | 000,059,831 | ---- | C] () -- C:\Users\Owner\Documents\Golf Torny Contract.pdf
[2014/03/20 12:10:22 | 000,031,875 | ---- | C] () -- C:\Users\Owner\Documents\Google Sitemap Generator Instructions.odt
[2014/03/20 12:10:22 | 000,031,821 | ---- | C] () -- C:\Users\Owner\Documents\golfer.jpg
[2014/03/20 12:10:21 | 003,507,784 | ---- | C] () -- C:\Users\Owner\Documents\energy_savers.pdf
[2014/03/20 12:10:21 | 001,956,962 | ---- | C] () -- C:\Users\Owner\Documents\Gerry Bergman VIP-1.pdf
[2014/03/20 12:10:21 | 001,650,772 | ---- | C] () -- C:\Users\Owner\Documents\Ghost Town Building.jpg
[2014/03/20 12:10:21 | 001,488,896 | ---- | C] () -- C:\Users\Owner\Documents\EmpireStateBldg1.pps
[2014/03/20 12:10:21 | 001,176,699 | ---- | C] () -- C:\Users\Owner\Documents\Garage plans.pdf
[2014/03/20 12:10:21 | 000,640,394 | ---- | C] () -- C:\Users\Owner\Documents\Frested.jpg
[2014/03/20 12:10:21 | 000,490,266 | ---- | C] () -- C:\Users\Owner\Documents\Frosty.jpg
[2014/03/20 12:10:21 | 000,452,043 | ---- | C] () -- C:\Users\Owner\Documents\Frost.jpg
[2014/03/20 12:10:21 | 000,434,437 | ---- | C] () -- C:\Users\Owner\Documents\Facebook-tent-cards-self-serve.pdf
[2014/03/20 12:10:21 | 000,326,144 | ---- | C] () -- C:\Users\Owner\Documents\GB Website.tlx
[2014/03/20 12:10:21 | 000,193,640 | ---- | C] () -- C:\Users\Owner\Documents\Golf Show Approved by Fire Marshal_12_13.pdf
[2014/03/20 12:10:21 | 000,136,692 | ---- | C] () -- C:\Users\Owner\Documents\FORM.fb
[2014/03/20 12:10:21 | 000,103,226 | ---- | C] () -- C:\Users\Owner\Documents\FlatBelly.jpg
[2014/03/20 12:10:21 | 000,081,563 | ---- | C] () -- C:\Users\Owner\Documents\Golf Car Shelter.pdf
[2014/03/20 12:10:21 | 000,081,563 | ---- | C] () -- C:\Users\Owner\Documents\Golf Car Cover PVC.pdf
[2014/03/20 12:10:21 | 000,076,630 | ---- | C] () -- C:\Users\Owner\Documents\fan.jpg
[2014/03/20 12:10:21 | 000,069,632 | ---- | C] () -- C:\Users\Owner\Documents\Gift Certificate.pub
[2014/03/20 12:10:21 | 000,049,152 | ---- | C] () -- C:\Users\Owner\Documents\Frog Eye Salad.pub
[2014/03/20 12:10:21 | 000,044,843 | ---- | C] () -- C:\Users\Owner\Documents\fa.jpg
[2014/03/20 12:10:21 | 000,019,833 | ---- | C] () -- C:\Users\Owner\Documents\Golf Scramble.odt
[2014/03/20 12:10:21 | 000,013,572 | ---- | C] () -- C:\Users\Owner\Documents\flpalbm.opf
[2014/03/20 12:10:21 | 000,000,305 | ---- | C] () -- C:\Users\Owner\Documents\fourforfore_encoded.dat
[2014/03/20 12:10:20 | 002,204,564 | ---- | C] () -- C:\Users\Owner\Documents\ElectricCar.pdf
[2014/03/20 12:10:18 | 031,015,688 | ---- | C] () -- C:\Users\Owner\Documents\Edelbrock Catalog.pdf
[2014/03/20 12:10:18 | 000,757,133 | ---- | C] () -- C:\Users\Owner\Documents\download_file_1253446943.pdf
[2014/03/20 12:10:18 | 000,546,670 | ---- | C] () -- C:\Users\Owner\Documents\download_file_1258549332.pdf
[2014/03/20 12:10:18 | 000,322,886 | ---- | C] () -- C:\Users\Owner\Documents\Drill Doctor 750.pdf
[2014/03/20 12:10:18 | 000,141,982 | ---- | C] () -- C:\Users\Owner\Documents\DIM014.pdf
[2014/03/20 12:10:18 | 000,015,325 | ---- | C] () -- C:\Users\Owner\Documents\Drill Press.jpg
[2014/03/20 12:10:17 | 006,515,662 | ---- | C] () -- C:\Users\Owner\Documents\Coolest_Coffee_Table_Ever.wmv
[2014/03/20 12:10:17 | 006,242,378 | ---- | C] () -- C:\Users\Owner\Documents\DEXPAN_Catalog_English.pdf
[2014/03/20 12:10:17 | 002,417,882 | ---- | C] () -- C:\Users\Owner\Documents\DannerReturnForm.pdf
[2014/03/20 12:10:17 | 001,438,825 | ---- | C] () -- C:\Users\Owner\Documents\Continental_L-Head-F-163-etc-Quick_Reference.pdf
[2014/03/20 12:10:17 | 000,936,040 | ---- | C] () -- C:\Users\Owner\Documents\DD-214.jpg
[2014/03/20 12:10:17 | 000,462,500 | ---- | C] () -- C:\Users\Owner\Documents\CuttingTin.pdf
[2014/03/20 12:10:17 | 000,316,416 | ---- | C] () -- C:\Users\Owner\Documents\Corbin Golf Scramble.pub
[2014/03/20 12:10:17 | 000,116,322 | ---- | C] () -- C:\Users\Owner\Documents\Credit.jpg
[2014/03/20 12:10:17 | 000,101,924 | ---- | C] () -- C:\Users\Owner\Documents\Credit2.jpg
[2014/03/20 12:10:17 | 000,092,517 | ---- | C] () -- C:\Users\Owner\Documents\Credit1.jpg
[2014/03/20 12:10:17 | 000,029,493 | ---- | C] () -- C:\Users\Owner\Documents\cumulative-stats.pdf
[2014/03/20 12:10:17 | 000,002,603 | ---- | C] () -- C:\Users\Owner\Documents\CorbinTest.odb
[2014/03/20 12:10:17 | 000,000,026 | ---- | C] () -- C:\Users\Owner\Documents\Default.PLS
[2014/03/20 12:10:16 | 006,221,989 | ---- | C] () -- C:\Users\Owner\Documents\CNNnewscast.wmv
[2014/03/20 12:10:16 | 005,145,600 | ---- | C] () -- C:\Users\Owner\Documents\ChromeCard1.pub
[2014/03/20 12:10:16 | 002,423,598 | ---- | C] () -- C:\Users\Owner\Documents\CompressorHF.pdf
[2014/03/20 12:10:16 | 002,423,598 | ---- | C] () -- C:\Users\Owner\Documents\Compressor 2stage.pdf
[2014/03/20 12:10:16 | 000,152,955 | ---- | C] () -- C:\Users\Owner\Documents\cemetery preregistration.pdf
[2014/03/20 12:10:16 | 000,100,864 | ---- | C] () -- C:\Users\Owner\Documents\ChromeCard+.pub
[2014/03/20 12:10:16 | 000,100,352 | ---- | C] () -- C:\Users\Owner\Documents\ChromeCard.pub
[2014/03/20 12:10:16 | 000,093,764 | ---- | C] () -- C:\Users\Owner\Documents\CirclingRavin DonationRequest.pdf
[2014/03/20 12:10:16 | 000,093,764 | ---- | C] () -- C:\Users\Owner\Documents\Circling RavenDonationRequest.pdf
[2014/03/20 12:10:16 | 000,093,764 | ---- | C] () -- C:\Users\Owner\Documents\Circling Raven DonationRequest(1).pdf
[2014/03/20 12:10:16 | 000,064,844 | ---- | C] () -- C:\Users\Owner\Documents\Chris Malta's EBiz Scam Prevention Report.pdf
[2014/03/20 12:10:16 | 000,061,073 | ---- | C] () -- C:\Users\Owner\Documents\chewelah.jpg
[2014/03/20 12:10:16 | 000,057,344 | ---- | C] () -- C:\Users\Owner\Documents\ChromeCard3.pub
[2014/03/20 12:10:16 | 000,053,760 | ---- | C] () -- C:\Users\Owner\Documents\ChromeBack.pub
[2014/03/20 12:10:15 | 001,641,423 | ---- | C] () -- C:\Users\Owner\Documents\Camping Trailer instructions.pdf
[2014/03/20 12:10:15 | 001,302,055 | ---- | C] () -- C:\Users\Owner\Documents\CELL PHONE MANUAL.pdf
[2014/03/20 12:10:15 | 000,513,055 | ---- | C] () -- C:\Users\Owner\Documents\Catalog Creator _ GettingStarted.pdf
[2014/03/20 12:10:15 | 000,328,444 | ---- | C] () -- C:\Users\Owner\Documents\cc_20121220_123219.reg
[2014/03/20 12:10:15 | 000,243,816 | ---- | C] () -- C:\Users\Owner\Documents\cc_20100708_081746.reg
[2014/03/20 12:10:15 | 000,228,042 | ---- | C] () -- C:\Users\Owner\Documents\cc_20131220_155023.reg
[2014/03/20 12:10:15 | 000,205,843 | ---- | C] () -- C:\Users\Owner\Documents\Cancellation.jpg
[2014/03/20 12:10:15 | 000,023,512 | ---- | C] () -- C:\Users\Owner\Documents\Cancellation Request Form.pdf
[2014/03/20 12:10:14 | 038,062,853 | ---- | C] () -- C:\Users\Owner\Documents\Camera HD Sports User Manual.pdf
[2014/03/20 12:10:14 | 005,468,566 | ---- | C] () -- C:\Users\Owner\Documents\Brains.wmv
[2014/03/20 12:10:14 | 002,154,860 | ---- | C] () -- C:\Users\Owner\Documents\cage1.jpg
[2014/03/20 12:10:14 | 002,101,396 | ---- | C] () -- C:\Users\Owner\Documents\cage.jpg
[2014/03/20 12:10:14 | 000,039,816 | ---- | C] () -- C:\Users\Owner\Documents\Brass.jpg
[2014/03/20 12:10:13 | 005,284,000 | ---- | C] () -- C:\Users\Owner\Documents\Bosch Nexxt 100 Series  Clothes Washer.pdf
[2014/03/20 12:10:13 | 005,195,405 | ---- | C] () -- C:\Users\Owner\Documents\Bosch Clothes Dryer.pdf
[2014/03/20 12:10:13 | 001,584,956 | ---- | C] () -- C:\Users\Owner\Documents\Blank Shirts Price List.ods
[2014/03/20 12:10:13 | 000,087,552 | ---- | C] () -- C:\Users\Owner\Documents\Boom.pub
[2014/03/20 12:10:13 | 000,061,440 | ---- | C] () -- C:\Users\Owner\Documents\Book 3.indb
[2014/03/20 12:10:13 | 000,061,440 | ---- | C] () -- C:\Users\Owner\Documents\Book 2.indb
[2014/03/20 12:10:13 | 000,061,440 | ---- | C] () -- C:\Users\Owner\Documents\Book 1.indb
[2014/03/20 12:10:13 | 000,042,072 | ---- | C] () -- C:\Users\Owner\Documents\Blueberries.pdf
[2014/03/20 12:10:13 | 000,038,003 | ---- | C] () -- C:\Users\Owner\Documents\birds.jpg
[2014/03/20 12:10:13 | 000,003,663 | ---- | C] () -- C:\Users\Owner\Documents\Book.opf
[2014/03/20 12:10:13 | 000,000,767 | ---- | C] () -- C:\Users\Owner\Documents\BnB Map.jmd
[2014/03/20 12:10:12 | 007,494,341 | ---- | C] () -- C:\Users\Owner\Documents\AV-MercedesSLSRoll.wmv
[2014/03/20 12:10:12 | 004,041,471 | ---- | C] () -- C:\Users\Owner\Documents\autolite_gen_and_start.pdf
[2014/03/20 12:10:12 | 000,508,664 | ---- | C] () -- C:\Users\Owner\Documents\Arteriors.pdf
[2014/03/20 12:10:12 | 000,398,388 | ---- | C] () -- C:\Users\Owner\Documents\A11temp.EPS
[2014/03/20 12:10:12 | 000,326,036 | ---- | C] () -- C:\Users\Owner\Documents\BendAug172010.pdf
[2014/03/20 12:10:12 | 000,185,100 | ---- | C] () -- C:\Users\Owner\Documents\ArchGrnHouse.pdf
[2014/03/20 12:10:12 | 000,066,661 | ---- | C] () -- C:\Users\Owner\Documents\b & b junk.pdf
[2014/03/20 12:10:12 | 000,009,371 | ---- | C] () -- C:\Users\Owner\Documents\AcesBook.opf
[2014/03/20 12:10:11 | 069,869,549 | ---- | C] () -- C:\Users\Owner\Documents\A System to Estimate Rehab in 15 Minutes.mp4
[2014/03/20 12:10:10 | 019,900,236 | ---- | C] () -- C:\Users\Owner\Documents\2014-01-20_1003.avi
[2014/03/20 12:10:10 | 007,278,182 | ---- | C] () -- C:\Users\Owner\Documents\1776_Tea_Party.wmv
[2014/03/20 12:10:10 | 004,778,228 | ---- | C] () -- C:\Users\Owner\Documents\2011_far_from_normal_catalog.pdf
[2014/03/20 12:10:10 | 000,997,977 | ---- | C] () -- C:\Users\Owner\Documents\12womens_bracket_blank.pdf
[2014/03/20 12:10:10 | 000,417,372 | ---- | C] () -- C:\Users\Owner\Documents\5-Secrets-Finding-Cheap-Stocks.pdf
[2014/03/20 12:10:10 | 000,391,613 | ---- | C] () -- C:\Users\Owner\Documents\12x16 barnshedplans.pdf
[2014/03/20 12:10:10 | 000,042,104 | ---- | C] () -- C:\Users\Owner\Documents\6.jpg
[2014/03/20 12:10:10 | 000,040,978 | ---- | C] () -- C:\Users\Owner\Documents\3.jpg
[2014/03/20 12:10:10 | 000,033,237 | ---- | C] () -- C:\Users\Owner\Documents\404 Error Custom Page.odt
[2014/03/20 12:10:10 | 000,028,920 | ---- | C] () -- C:\Users\Owner\Documents\5.jpg
[2014/03/20 12:10:10 | 000,028,567 | ---- | C] () -- C:\Users\Owner\Documents\2.jpg
[2014/03/20 12:10:10 | 000,019,773 | ---- | C] () -- C:\Users\Owner\Documents\4.jpg
[2014/03/20 12:10:09 | 000,044,080 | ---- | C] () -- C:\Users\Owner\Documents\1.jpg
[2014/03/20 12:10:09 | 000,001,280 | ---- | C] () -- C:\Users\Owner\Documents\.usr_app_ncr.dat
[2014/03/07 17:08:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/03/06 18:14:23 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2012/12/20 23:50:30 | 000,006,621 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2444541379-1693892906-2716229256-1000\$RDFJFUY\limesurvey\images\screenshots\L.png
[2012/12/20 23:50:30 | 000,003,488 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2444541379-1693892906-2716229256-1000\$RDFJFUY\limesurvey\images\screenshots\N.png
[2012/12/20 23:50:30 | 000,003,714 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2444541379-1693892906-2716229256-1000\$RDFJFUY\limesurvey\images\screenshots\U.png
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 813 bytes -> C:\Users\Owner\Desktop\Registration_Login.eml:OECustomProperty
 
< End of report >
 


#9 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:11 AM

Posted 07 April 2014 - 06:36 AM

Hello fourforfore,


1. Java
1.1 Uninstall old Java versions (if present):
  • Please go to Start > Control Panel > Programs and Features .
  • Locate all Java Updates
  • Uninstall them all.
  • 1.2 Install latest Java 7 update. Click this link and click on the Free JAVA Download.

    1.3 Find here instructions how to clear the java cache.
    Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)
    Under Temporary Internet Files, click the Delete Files button.
    There are options in the window to clear the cache - Leave ALL Checked
    • Applications and Applets
    • Trace and log files
    Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. Click OK to leave the Java Control Panel.

    ---


    Malwarebytes' Anti-Malware
    If this program is already installed: Skip the installation and run only the scan!
    Download and install: Please download Malwarebytes Anti-Malware to your desktop.
    • Double-click mb3-setup-1878.1878-3.3.1.2183.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Launch Malwarebytes Anti-Malware
      • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    ---


    ESET Online Scanner

    Connect any existing external hard drives and / or other removable media.

    *Note
    It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
    Please don't go surfing while your resident protection is disabled!
    Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



    If this program is already installed: Skip the installation and run only the scan!
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    • Click the esetOnline.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select Uninstall application on close check box and push esetFinish.png

---


How the computer is running now?


---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#10 fourforfore

fourforfore
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 07 April 2014 - 09:36 AM

Jo,

 

I am going to busy all day today and will be unable to work on this.

 

Can I please get back to this tomorrow?

 

Thanks,

 

Gerry



#11 fourforfore

fourforfore
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 08 April 2014 - 10:17 AM

Hi Jo,

 

A couple of problems.

 

I updated the JAVA.

 

Then ran malwarebytes.

While it was running, I left for a couple of minutes to get a cup of coffee.

 

When I can back I had a BLUE SCREEN with the following message:

 

A problem has been detected and Windows has been shut down to prevent damages to you computer.
 
IRQL_NOT_LESS_OR_EQUAL
 
If this is the first time you've seen this stop error screen, restart your computer.  If this screen appears again, follow these steps:
 
Check to make sure any new hardware or software is properly installed.
If this is a new installation, ask your hardware or software manufacturer for any Windows updates you might need.
 
If problems continue, disable or remove any newly installed hardware or software. Disable BIOS memory options such as caching or shadowing.
If you need to use safe mode to remove or disable components, restart your computor press F8 to select Advanced startup options, and then select safe mode.
 
Technical Information:
 
***STOP: 0x0000000A (0xFFFFFA8000BB9D0,0x0000000000000000,0x0000000000000000,0xFFFFF8000ZAFEA5)
 
Collecting data for crash dump ...
 
 
 
I didn't want to continue with the other steps until i notified you of this.
 
Also, my email is not responding.  I can receive email, but only at a pace of 1 email every five minutes.  I don't know what happened there.


#12 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:11 AM

Posted 08 April 2014 - 10:30 AM

Hello fourforfore,

did you have the email problems before or is this new?

After restarting your pc, scan with Malwarebytes again.

Case of problems skip this and go on with ESET scan.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#13 fourforfore

fourforfore
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 09 April 2014 - 09:14 AM

Jo,

 

I re-ran Malwarebytes with no problems.

 

My email problems seem to have gone away.

 

Still have problems with popups in FireFox.

 

I tried to run Eset.

 

The first time I ran it, it only got to 32% and stopped.

 

The second time I ran it, I let it run overnight and this morning I had a restarted screen.

 

I can't find any sign that it finished the scan.  And I am unable to find any log.

 

Also, I have noticed that a window flashes on the screen on startup and then runs in the background.  I don't know what it is, but in the Windows Task Manager it's named DSD2748.  The last four digits change on every startup and restart.  I click on 'end process' every time I see it.  It doesn't seem to have any effect when it's stopped, so it may be nothing.  Just thought I might mention it

 

 

 

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.04.08.04
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Owner :: OWNER-PC [administrator]
 
Protection: Disabled
 
4/8/2014 8:36:50 AM
mbam-log-2014-04-08 (08-36-50).txt
 
Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 745825
Time elapsed: 2 hour(s), 36 minute(s), 54 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller (PUP.Optional.DomaIQ) -> No action taken.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 49
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\GC\uninstall.exe.vir (PUP.Optional.MoviesToolBar.A) -> No action taken.
C:\Program Files (x86)\Uninstaller\Uninstall.exe (PUP.Optional.DomaIQ) -> No action taken.
E:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jkmljihjgjdghdhggolmhbjekicljfci\7.88.3.33905_0\plugins\4zChromePlugIn.dll (PUP.Optional.Mindspark) -> No action taken.
E:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jkmljihjgjdghdhggolmhbjekicljfci\7.88.3.33905_0\plugins\SearchControl.dll (PUP.Optional.Mindspark) -> No action taken.
E:\Documents and Settings\user\Local Settings\Application Data\TNT2\2.0.0.1676\TNT2User.exe (PUP.Optional.FreshyToolbar) -> No action taken.
E:\Documents and Settings\user\Local Settings\temp\nss360.tmp-2\APN_ATU3_.exe (PUP.Optional.Spigot.A) -> No action taken.
E:\Documents and Settings\user\My Documents\Downloads\InstallConverter_brch.exe (PUP.Optional.Conduit.A) -> No action taken.
E:\Program Files\FromDocToPDF_65\bar\1.bin\65barsvc.exe (PUP.Optional.AudioToAudioToolBar.A) -> No action taken.
E:\System Volume Information\_restore{0C38767F-4603-47A1-BC84-F4676676348A}\RP710\A0090349.exe (PUP.Optional.Conduit.A) -> No action taken.
E:\System Volume Information\_restore{0C38767F-4603-47A1-BC84-F4676676348A}\RP710\A0090359.exe (PUP.Optional.Conduit.A) -> No action taken.
E:\System Volume Information\_restore{0C38767F-4603-47A1-BC84-F4676676348A}\RP754\A0098300.dll (PUP.Optional.Mindspark) -> No action taken.
E:\System Volume Information\_restore{0C38767F-4603-47A1-BC84-F4676676348A}\RP754\A0098301.dll (PUP.Optional.Mindspark) -> No action taken.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\GC\uninstall.exe (PUP.Optional.MoviesToolBar.A) -> Quarantined and deleted successfully.
C:\System Volume Information\SystemRestore\FRStaging\Program Files (x86)\Uninstaller\Uninstall.exe (PUP.Optional.DomaIQ) -> Quarantined and deleted successfully.
C:\System Volume Information\SystemRestore\FRStaging\Users\Owner\AppData\Local\Temp\83de2c33-3fce-4e7d-a9c5-38aec04836fa\software\Freesofttoday.exe (Adware.EoRezo) -> Quarantined and deleted successfully.
C:\System Volume Information\SystemRestore\FRStaging\Users\Owner\Documents\Downloads\CaliforniaFontsSetup.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Owner\.frostwire5\updates\frostwire-5.5.5.windows.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-ass27.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-twe14.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-twe15.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-twp13.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-twp14.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-twp15.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-wx39f.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-wxf37.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-wxf38.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\cr-wxf39.zip (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\2000 Crackz & Serialz A - Z\damn_uedit620b.zip (Trojan.Agent.CK) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\.frostwire5\updates\frostwire-5.5.5.windows.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\Application Data\OpenCandy\D0AEBDADCA4F4334A4E7C96303E25254\frostwire-5.5.3.windows.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\Local Settings\Application Data\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\Local Settings\Application Data\Vuze_Remote\hk64tbVuz2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\Local Settings\Application Data\Vuze_Remote\hktbVuz2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\Local Settings\Application Data\Vuze_Remote\ldrtbVuz2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\Local Settings\Application Data\Vuze_Remote\tbVuz2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\My Documents\Downloads\aTube_Catcher_5188_ATU3.exe (PUP.Optional.Spigot.A) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\My Documents\Downloads\CalculatorSetup.exe (PUP.Optional.Inbox) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\My Documents\Downloads\CaliforniaFontsSetup.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\My Documents\Downloads\iLividSetup-r0-n-bc (1).exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\My Documents\Downloads\iLividSetup-r0-n-bc.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
E:\Documents and Settings\user\My Documents\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
E:\Program Files\FrostWire 5\frostwire-installer.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
E:\Program Files\Vuze_Remote\hk64tbVuz2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Program Files\Vuze_Remote\hktbVuz2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Program Files\Vuze_Remote\ldrtbVuz2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Program Files\Vuze_Remote\prxtbVuz2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Program Files\Vuze_Remote\tbVuz2.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
E:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
E:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper1.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
(end)


#14 Jo*

Jo*

  • Malware Response Team
  • 3,269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:11 AM

Posted 09 April 2014 - 09:33 AM

Hello fourforfore,

Download ComboFix from the following location:
Link

* IMPORTANT- Save ComboFix.exe to your Desktop
 

***


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link:
How to Disable your Security Programs


***


Double click on combofix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.
Enable your antivirus!
 

***


Run OTL again.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


How the computer is running now?


---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 fourforfore

fourforfore
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:11 PM

Posted 09 April 2014 - 05:10 PM

Hi Jo,

 

Everything seems to be working fine.

 

No popups in Fire Fox.

 

Email seems to be working fine.

 

After all this, I'm still a nervous.

 

I'm sending the last of the two files in a separate post.

 

 

ComboFix 14-04-09.02 - Owner 04/09/2014   8:09.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2014.729 [GMT -7:00]
Running from: c:\users\Owner\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Impression eStudio\XReminder\XReminder.exe
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome.manifest
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\asyncDB.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\background.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\browserAction.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\contextMenu.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\dbManager.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\dom_bg.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\fileManager.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\firefox.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\firefoxNotifications.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\firefoxOmnibox.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\message.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\pageAction.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\request.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\tabs.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\webRequest.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\background.html
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\baseObject.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\browser.xul
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\console.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\consts.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\delegate.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\extensionDataStore.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\folderIOWrapper.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\httpObserver.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\IDBWrapper.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\installer.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\logFile.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\prefs.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\progressListenerObserver.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\registry.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\reloadObserver.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\reports.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\requestObject.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\searchSettings.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\uninstallObserver.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\updateManager.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\utils.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\core\xhr.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\dialog.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\main.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\options.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\options.xul
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\platformVersion.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\chrome\content\search_dialog.xul
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\defaults\preferences\prefs.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\manifest.xml
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins.json
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\1.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\102.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\103.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\104.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\105.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\123.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\13.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\14.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\155.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\16.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\17.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\177.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\182.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\183.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\184.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\191.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\207.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\21.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\22.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\223.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\226.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\230.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\233.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\234.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\246.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\28.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\4.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\47.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\5.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\64.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\7.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\72.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\78.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\9.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\91.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\93.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\98.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\userCode\background.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\userCode\extension.js
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\install.rdf
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\locale\en-US\translations.dtd
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\button1.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\button2.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\button3.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\button4.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\button5.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\crossrider_statusbar.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\icon128.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\icon16.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\icon24.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\icon48.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\panelarrow-up.png
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\popup.html
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\skin.css
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\skin\update.css
E:\setup.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-03-09 to 2014-04-09  )))))))))))))))))))))))))))))))
.
.
2014-04-09 16:47 . 2014-04-09 16:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-08 18:44 . 2014-04-08 18:44 -------- d-----w- c:\program files (x86)\ESET
2014-04-07 15:40 . 2014-04-07 15:40 -------- d-----w- c:\users\Owner\AppData\Roaming\Oracle
2014-04-07 15:38 . 2014-04-07 15:39 -------- d-----w- c:\programdata\Oracle
2014-04-07 15:38 . 2014-04-07 15:38 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-04-07 15:37 . 2014-04-07 15:37 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-07 15:36 . 2014-04-07 15:36 -------- d-----w- c:\program files (x86)\Java
2014-04-06 20:01 . 2014-04-06 20:01 -------- d-----w- c:\windows\ERUNT
2014-04-06 19:03 . 2014-04-06 19:39 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-04-06 19:00 . 2014-04-06 19:00 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-05 21:07 . 2014-04-05 21:07 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2014-04-05 21:07 . 2014-04-05 21:07 -------- d-----w- c:\programdata\Malwarebytes
2014-04-05 21:07 . 2014-04-05 21:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-04-05 21:07 . 2013-04-04 21:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-05 19:01 . 2014-04-05 19:01 -------- d-----w- c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2014-04-05 19:00 . 2014-04-05 19:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2014-04-05 19:00 . 2014-04-05 19:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-04-05 18:20 . 2014-04-05 18:20 -------- d-----w- c:\users\Owner\AppData\Roaming\Gadwin
2014-04-05 18:20 . 2014-04-05 18:20 -------- d-----w- c:\users\Owner\AppData\Local\Gadwin
2014-04-05 18:20 . 2014-04-05 18:20 -------- d-----w- c:\program files\Gadwin
2014-04-05 17:09 . 2014-04-05 17:09 388096 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-04-05 17:09 . 2014-04-05 17:09 -------- d-----w- c:\program files (x86)\Trend Micro
2014-04-04 19:37 . 2014-04-06 19:53 -------- d-----w- C:\AdwCleaner
2014-04-04 15:02 . 2014-04-04 15:02 -------- d-----w- c:\users\Owner\AppData\Roaming\Lavasoft
2014-04-04 14:45 . 2014-04-04 14:45 -------- d-----w- c:\users\Owner\AppData\Local\Lavasoft
2014-04-04 14:45 . 2013-10-24 13:04 450616 ----a-w- c:\windows\system32\LavasoftProxy64.dll
2014-04-04 14:45 . 2013-10-24 13:10 357432 ----a-w- c:\windows\SysWow64\LavasoftProxy.dll
2014-04-04 14:45 . 2014-04-04 14:45 -------- d-----w- c:\program files (x86)\Lavasoft
2014-04-04 14:29 . 2014-04-04 14:29 -------- d-----w- c:\program files\Lavasoft
2014-04-03 20:27 . 2014-04-03 20:27 -------- d-----w- c:\users\Owner\AppData\Local\Diagnostics
2014-04-03 15:55 . 2014-04-03 15:55 -------- d-----w- c:\users\Owner\AppData\Local\Macromedia
2014-03-30 21:50 . 2014-04-05 14:46 -------- d-----w- c:\users\Owner\AppData\Roaming\vlc
2014-03-27 23:58 . 2014-03-27 23:58 -------- d-----w- c:\program files (x86)\Thinking BIG
2014-03-27 00:13 . 2014-03-27 00:13 -------- d-----w- c:\users\Owner\AppData\Local\Help
2014-03-27 00:12 . 2009-08-04 17:56 296960 ----a-w- c:\windows\winhlp32.exe
2014-03-27 00:12 . 2009-08-04 17:55 195072 ----a-w- c:\windows\SysWow64\ftsrch.dll
2014-03-27 00:12 . 2009-08-04 17:55 195072 ----a-w- c:\windows\system32\ftsrch.dll
2014-03-27 00:12 . 2009-08-04 17:55 9216 ----a-w- c:\windows\SysWow64\ftlx0411.dll
2014-03-27 00:12 . 2009-08-04 17:55 9216 ----a-w- c:\windows\system32\ftlx0411.dll
2014-03-27 00:12 . 2009-08-04 17:55 10240 ----a-w- c:\windows\SysWow64\ftlx041e.dll
2014-03-27 00:12 . 2009-08-04 17:55 10240 ----a-w- c:\windows\system32\ftlx041e.dll
2014-03-26 23:02 . 2014-03-26 23:02 -------- d-----w- c:\programdata\VirtualizedApplications
2014-03-25 22:43 . 2014-03-25 22:43 -------- d-----w- c:\users\Owner\AppData\Local\ilividmoviestoolbar181
2014-03-25 21:27 . 2014-03-25 21:27 -------- d-----w- c:\program files (x86)\Analog Devices
2014-03-25 21:26 . 2014-03-25 21:26 -------- d-----w- C:\dell
2014-03-25 21:26 . 2006-09-29 20:03 34816 ----a-w- c:\windows\system32\SmaxCo.dll
2014-03-25 21:26 . 2006-09-28 00:15 386048 ----a-w- c:\windows\system32\drivers\ADIHdAud.sys
2014-03-25 21:23 . 2014-03-25 21:23 -------- d-----w- c:\users\Owner\AppData\Local\Apps
2014-03-25 21:23 . 2014-03-25 21:23 -------- d-----w- c:\users\Owner\AppData\Local\Deployment
2014-03-25 18:42 . 2014-03-26 20:38 -------- d-----w- c:\users\Owner\AppData\Local\Adobe
2014-03-24 05:37 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-03-24 05:37 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-23 01:47 . 2014-03-23 01:50 -------- d-----w- c:\windows\system32\MRT
2014-03-23 00:11 . 2014-03-23 00:11 -------- d-----w- c:\users\Owner\AppData\Local\SoftGrid Client
2014-03-23 00:11 . 2014-04-05 21:31 -------- d-----w- c:\users\Owner\AppData\Roaming\SoftGrid Client
2014-03-22 21:58 . 2014-04-05 14:46 -------- d-----w- c:\program files\DIFX
2014-03-22 21:54 . 2014-03-22 21:54 -------- d-----w- c:\program files (x86)\SignMax
2014-03-22 21:53 . 2014-03-22 21:53 -------- d-----w- c:\users\Owner\AppData\Roaming\InstallShield
2014-03-22 17:54 . 2013-10-15 01:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-03-22 17:17 . 2006-10-13 07:00 95232 ----a-w- c:\windows\system32\esxwia52.dll
2014-03-22 17:17 . 2006-03-10 07:00 4608 ----a-w- c:\windows\system32\esxwiaml.dll
2014-03-22 17:17 . 2006-08-07 07:00 161280 ----a-w- c:\windows\system32\esxuin52.dll
2014-03-22 17:17 . 2005-04-14 07:00 64000 ----a-w- c:\windows\system32\esfw52.bin
2014-03-22 17:04 . 1999-09-10 21:09 385024 ----a-w- c:\windows\SysWow64\Vbar332.dll
2014-03-22 17:04 . 1999-08-04 21:00 294912 ----a-w- c:\windows\SysWow64\Msxbse35.dll
2014-03-22 17:04 . 1999-08-04 21:00 262144 ----a-w- c:\windows\SysWow64\Msrd2x35.dll
2014-03-22 17:04 . 1999-08-04 21:00 176128 ----a-w- c:\windows\SysWow64\Mstext35.dll
2014-03-22 17:04 . 1999-05-06 05:22 430080 ----a-w- c:\windows\SysWow64\Msrepl35.dll
2014-03-22 17:04 . 1998-06-30 22:13 250128 ----a-w- c:\windows\SysWow64\mspdox35.dll
2014-03-22 17:04 . 1998-06-30 22:13 78608 ----a-w- c:\windows\SysWow64\Vb5db.dll
2014-03-22 17:04 . 1999-08-04 21:00 262144 ----a-w- c:\windows\SysWow64\Msexcl35.dll
2014-03-22 17:04 . 1999-05-06 05:22 1056768 ----a-w- c:\windows\SysWow64\Msjet35.dll
2014-03-22 17:04 . 1998-07-28 21:54 123664 ----a-w- c:\windows\SysWow64\msjint35.dll
2014-03-22 17:04 . 1998-07-28 21:54 24848 ----a-w- c:\windows\SysWow64\msjter35.dll
2014-03-22 17:04 . 1998-06-30 22:13 166160 ----a-w- c:\windows\SysWow64\msltus35.dll
2014-03-22 17:02 . 2014-03-22 17:03 -------- d-----w- c:\program files (x86)\ABBYY FineReader 6.0 Sprint
2014-03-22 16:16 . 2014-03-22 16:16 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2014-03-22 15:30 . 2014-03-22 15:30 -------- d-----w- c:\users\Owner\AppData\Local\Impression_eStudio
2014-03-22 15:26 . 2014-03-22 15:26 -------- d-----w- c:\program files (x86)\Impression eStudio
2014-03-22 14:30 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2014-03-22 14:30 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2014-03-22 14:30 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-03-22 14:30 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-03-22 14:30 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-03-22 14:30 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-03-22 14:30 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-03-22 14:30 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-03-22 14:29 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2014-03-22 14:29 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2014-03-22 14:29 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2014-03-22 14:29 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2014-03-22 14:29 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2014-03-22 14:29 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2014-03-22 14:29 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2014-03-22 14:29 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2014-03-22 14:29 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2014-03-22 14:29 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2014-03-22 14:29 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2014-03-22 14:28 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-22 14:28 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-22 14:28 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-03-22 14:28 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-03-22 14:26 . 2014-03-22 14:27 -------- d-----w- c:\users\Owner\AppData\Roaming\FileZilla
2014-03-22 14:22 . 2014-04-05 14:46 -------- d-----w- c:\users\Owner\AppData\Roaming\Efficient Reminder Free
2014-03-22 14:15 . 2014-03-22 14:15 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-03-22 13:59 . 2014-04-05 14:46 -------- d-----w- c:\windows\system32\Wat
2014-03-22 13:59 . 2014-03-22 13:59 -------- d-----w- c:\windows\SysWow64\Wat
2014-03-22 07:59 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-03-22 07:59 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-03-22 07:59 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-03-22 07:58 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-03-22 07:58 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-03-22 05:58 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-03-22 04:53 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-03-22 04:53 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-03-22 04:53 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-03-22 04:53 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-03-22 04:53 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-03-22 04:53 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-03-22 04:53 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-03-22 02:14 . 2014-03-22 02:14 -------- d-----w- c:\users\Owner\AppData\Roaming\Jasc Software Inc
2014-03-22 02:14 . 2014-03-22 02:14 -------- d-----w- c:\program files (x86)\Jasc Software Inc
2014-03-22 02:04 . 2014-03-22 02:04 -------- d-----w- c:\program files (x86)\JGsoft
2014-03-22 02:04 . 2006-06-06 09:08 68496 ----a-w- c:\windows\UnDeployV.exe
2014-03-22 02:02 . 2014-03-22 02:05 -------- d-----w- c:\users\Owner\AppData\Roaming\JGsoft
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-03 16:50 . 2014-03-07 00:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-03 16:50 . 2014-03-07 00:57 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-07 01:11 . 2014-03-07 01:11 973736 ----a-w- c:\windows\system32\deployJava1.dll
2014-03-07 01:11 . 2014-03-07 01:11 1095080 ----a-w- c:\windows\system32\npDeployJava1.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSystemDetect"="c:\users\Owner\AppData\Local\Apps\2.0\ROPOJ28D.2B0\7PTXV080.J05\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe" [2014-03-25 258160]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-06 6563608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-03-20 4971024]
"EEventManager"="c:\program files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2005-04-08 102400]
"Password Keychain"="c:\program files (x86)\Password Keychain\Passkeychain.exe" [2003-07-17 1437696]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2014-03-22 295512]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2006-10-10 1097728]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Efficient Reminder Free.lnk - e:\program files\Efficient Reminder Free\EfficientReminderFree.exe /startup [2011-9-24 10265600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 bcm44amd64;Broadcom 440x 10/100 Integrated Controller XP Driver;c:\windows\system32\DRIVERS\b44amd64.sys;c:\windows\SYSNATIVE\DRIVERS\b44amd64.sys [x]
S3 gzflt;gzflt;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfswin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfswin7.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaywin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaywin7.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirwin7.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvolwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvolwin7.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-21 00:53 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-07 16:50]
.
2014-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07 00:52]
.
2014-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-07 00:52]
.
2014-04-09 c:\windows\Tasks\ReclaimerUpdateFiles_Owner.job
- c:\users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-03 01:58]
.
2014-04-09 c:\windows\Tasks\ReclaimerUpdateXML_Owner.job
- c:\users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-03 01:58]
.
2014-04-09 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Owner.job
- c:\users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-03 01:58]
.
2014-04-09 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 277f104f-cb47-45fc-b79c-739ee2537d65.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2014-04-09 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task cd608569-4bf1-4c34-9d3c-41f17e29b13e.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe" [2014-01-23 4114264]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Page_URL = hxxp://www.google.com
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\74hm9e17.default\
FF - prefs.js: browser.startup.homepage - hxxp://foodtoolz.com/
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-XReminder - c:\program files (x86)\Impression eStudio\XReminder\XReminder.exe
Wow6432Node-HKCU-Run-Lavasoft AdBlock - c:\program files (x86)\Lavasoft\Ad-Aware AdBlocker (Alpha)\AdBlocker.exe
Wow6432Node-HKLM-Run-XReminder - c:\program files (x86)\Impression eStudio\XReminder\XReminder.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-Activeris AntiMalware_is1 - c:\program files (x86)\Activeris AntiMalware\unins000.exe
AddRemove-ilividmoviestoolbar181CR - c:\progra~2\MOVIES~1\Datamngr\SRTOOL~1\GC\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-04-09  09:52:17
ComboFix-quarantined-files.txt  2014-04-09 16:52
.
Pre-Run: 172,053,553,152 bytes free
Post-Run: 173,281,603,584 bytes free
.
- - End Of File - - 5E371D564EE337D54920CDFC5FD23A0C
A36C5E4F47E84449FF07ED3517B43A31
 

 

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users