
Thread: win32,agent.esq and qvo

  1. #1
    Junior Member
    Join Date: Jun 2014
    Posts: 7

    Have obtained the following from a Spybot scan:

    Search results from Spybot - Search & Destroy

    1/06/2014 5:55:27 PM
    Scan took 00:43:33.
    13 items found.

    Aartemis: [SBI $608FB8D8] Settings (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\supWPM\ptid

    Aartemis: [SBI $F8A758D3] Settings (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\supWPM

    W3i.IQ5.fraud: [SBI $1A295A40] Settings (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\InstallIQ

    Win32.Agent.qvo: [SBI $E30D556E] Settings (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Wpm

    Win32.Agent.exq: [SBI $E7F56498] Settings (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

    Win32.Agent.exq: [SBI $02D8EB5F] Settings (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\qone8Software\qone8hp

    Win32.Agent.exq: [SBI $67EDF4BF] Settings (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\qone8Software

    Win32.Agent.exq: [SBI $88486EA1] Settings (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Page_URL

    Win32.Agent.exq: [SBI $9AE731D1] Settings (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-2683175902-963029523-2157096801-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (80) (Browser: Cookie, nothing done)



    --- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

    2013-09-20 blindman.exe (2.2.18.151)
    2013-09-20 explorer.exe (2.2.18.177)

    Though the Win32.agent.esq threats are classified as high, they are not removed during the Fix stage. They then re-appear during the next scan. Are they a problem and if so how can they be fixed?

    Note that I am running Windows 8.1.

    Thanks for your help.

    Nick

  2. #2
    Emeritus-Security Expert
    Join Date: Nov 2005
    Location: Florida's SpaceCoast
    Posts: 15,208



    Nick, looks like you may have a browser hijacker problem. Are you being redirected to other sites in any of your browsers? We do have a thread you missed about Before You Post, but those scans may not run on Win 8, so we will bypass that.


    AdwCleaner by Xplode

    Click on this link to download: ADWCleaner
    Click on ONE of the two blue Download Now buttons that have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top advertisement.


    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Junior Member
    Join Date: Jun 2014
    Posts: 7

    Ken,

    I had another problem with a win32.agent virus which was identified by a Spybot scan but which was not removed. I went to the Spybot forum and obtained advice to run a number of spyware programs including the one you recommended for Qone8. I ran Adwcleaner and it removed the browser hijacker. Unfortunately, I did not keep the text file, so cannot provide. It would appear that I inadvertently blundered my way through this problem.

    I would very much wish to thank you for your assistance and if it does re-appear in any form, I will report to this forum.

    Nick

    Quote Originally Posted by ken545 View Post


    Nick, looks like you may have a browser hijacker problem. Are you being redirected to other sites in any of your browsers? We do have a thread you missed about Before You Post, but those scans may not run on Win 8, so we will bypass that.


    AdwCleaner by Xplode

    Click on this link to download: ADWCleaner
    Click on ONE of the two blue Download Now buttons that have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top advertisement.


    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

  4. #4
    Emeritus-Security Expert
    Join Date: Nov 2005
    Location: Florida's SpaceCoast
    Posts: 15,208

    Hello Nick,

    No need to quote what I post.

    You can find the logfile at C:\AdwCleaner[S1].txt. Post it, please.

    Please download Junkware Removal Tool to your desktop.

    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Please download Malwarebytes Anti-Malware to your desktop.

    • Double-click mbam-setup-2.0.2.1012.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
      Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the scan log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.
    Last edited by ken545; 2014-06-02 at 02:44.

  5. #5
    Junior Member
    Join Date: Jun 2014
    Posts: 7

    Ken,

    See below:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 2/06/2014
    Scan Time: 12:30:52 PM
    Logfile: Malwarebytes.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.06.02.01
    Rootkit Database: v2014.05.21.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Enabled

    OS: Windows 8.1
    CPU: x86
    File System: NTFS
    User: Nick

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 235529
    Time Elapsed: 13 min, 12 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    # AdwCleaner v3.211 - Report created 02/06/2014 at 09:33:23
    # Updated 26/05/2014 by Xplode
    # Operating System : Windows 8.1 (32 bits)
    # Username : Nick - NICKSPC
    # Running from : C:\Users\Nick\Downloads\AdwCleaner(1).exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\AppDataLow\Software

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17037


    -\\ Mozilla Firefox v29.0.1 (en-US)

    [ File : C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\kddnq5x6.default\prefs.js ]

    Line Deleted : user_pref("browser.startup.homepage", "hxxps://mail.google.com/mail/u/0/#inbox|hxxps://www.commsec.com.au/default.aspx|hxxp://www.easterngolfclub.com.au/security/login.msp|hxxp://www.mdvetgolf.org/acc[...]

    -\\ Google Chrome v

    [ File : C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [5700 octets] - [02/06/2014 09:13:16]
    AdwCleaner[R1].txt - [1249 octets] - [02/06/2014 09:32:00]
    AdwCleaner[S0].txt - [4793 octets] - [02/06/2014 09:15:07]
    AdwCleaner[S1].txt - [1174 octets] - [02/06/2014 09:33:23]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1234 octets] ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.3 (03.23.2014:1)
    OS: Windows 8.1 x86
    Ran by Nick on Mon 02/06/2014 at 12:17:14.03
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values




    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}



    ~~~ Files



    ~~~ Folders



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Mon 02/06/2014 at 12:23:23.71
    Computer was rebooted
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  6. #6
    Emeritus-Security Expert
    Join Date: Nov 2005
    Location: Florida's SpaceCoast
    Posts: 15,208

    Morning Nick,

    Looks like the first time you ran AdwCleaner you had it remove everything. The rest of the logs look good so far.


    OTL by OldTimer
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the "Scan All Users" checkbox.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt.
      Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. You may need two posts to fit them both in.

  7. #7
    Junior Member
    Join Date: Jun 2014
    Posts: 7

    Ken,


    Internet Explorer (Version = 9.11.9600.17031)
    Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

    2.00 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 62.34% Memory free
    3.00 Gb Paging File | 1.48 Gb Available in Paging File | 49.23% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 232.88 Gb Total Space | 130.04 Gb Free Space | 55.84% Space Free | Partition Type: NTFS
    Drive E: | 1863.02 Gb Total Space | 1431.28 Gb Free Space | 76.83% Space Free | Partition Type: NTFS

    Computer Name: NICKSPC | User Name: Nick | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Nick\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
    PRC - C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x86__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation)
    PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    PRC - C:\Windows\System32\SkyDrive.exe (Microsoft Corporation)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\taskhostex.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\dasHost.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation)
    PRC - C:\Program Files\AmiBroker\Broker.exe (AmiBroker.com)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Windows\System32\RuntimeBroker.exe (Microsoft Corporation)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\AmiBroker\Brokey.dll ()
    MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
    MOD - C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
    MOD - C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ()
    MOD - C:\Program Files\AmiBroker\Plugins\Candle.dll ()


    ========== Services (SafeList) ==========

    SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
    SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
    SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
    SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
    SRV - (MBAMService) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
    SRV - (AppXSvc) -- C:\Windows\System32\AppXDeploymentServer.dll (Microsoft Corporation)
    SRV - (AudioEndpointBuilder) -- C:\Windows\System32\AudioEndpointBuilder.dll (Microsoft Corporation)
    SRV - (WSService) -- C:\Windows\System32\WSService.dll (Microsoft Corporation)
    SRV - (Wcmsvc) -- C:\Windows\System32\wcmsvc.dll (Microsoft Corporation)
    SRV - (DeviceAssociationService) -- C:\Windows\System32\das.dll (Microsoft Corporation)
    SRV - (BrokerInfrastructure) -- C:\Windows\System32\bisrv.dll (Microsoft Corporation)
    SRV - (wlidsvc) -- C:\Windows\System32\wlidsvc.dll (Microsoft Corporation)
    SRV - (LSM) -- C:\Windows\System32\lsm.dll (Microsoft Corporation)
    SRV - (AppReadiness) -- C:\Windows\System32\AppReadiness.dll (Microsoft Corporation)
    SRV - (SystemEventsBroker) -- C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
    SRV - (workfolderssvc) -- C:\Windows\System32\workfolderssvc.dll (Microsoft Corporation)
    SRV - (lfsvc) -- C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation)
    SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
    SRV - (PrintNotify) -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll (Microsoft Corporation)
    SRV - (WEPHOSTSVC) -- C:\Windows\System32\wephostsvc.dll (Microsoft Corporation)
    SRV - (EFS) -- C:\Windows\System32\efssvc.dll (Microsoft Corporation)
    SRV - (WiaRpc) -- C:\Windows\System32\wiarpc.dll (Microsoft Corporation)
    SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
    SRV - (svsvc) -- C:\Windows\System32\svsvc.dll (Microsoft Corporation)
    SRV - (fhsvc) -- C:\Windows\System32\fhsvc.dll (Microsoft Corporation)
    SRV - (NcaSvc) -- C:\Windows\System32\NcaSvc.dll (Microsoft Corporation)
    SRV - (vmicvss) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmictimesync) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmicshutdown) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmicrdv) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmickvpexchange) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmicheartbeat) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmicguestinterface) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (smphost) -- C:\Windows\System32\smphost.dll (Microsoft Corporation)
    SRV - (ScDeviceEnum) -- C:\Windows\System32\ScDeviceEnum.dll (Microsoft Corporation)
    SRV - (KeyIso) -- C:\Windows\System32\keyiso.dll (Microsoft Corporation)
    SRV - (TimeBroker) -- C:\Windows\System32\TimeBrokerServer.dll (Microsoft Corporation)
    SRV - (netprofm) -- C:\Windows\System32\netprofmsvc.dll (Microsoft Corporation)
    SRV - (NcbService) -- C:\Windows\System32\ncbservice.dll (Microsoft Corporation)
    SRV - (VaultSvc) -- C:\Windows\System32\vaultsvc.dll (Microsoft Corporation)
    SRV - (DsmSvc) -- C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
    SRV - (NcdAutoSetup) -- C:\Windows\System32\NcdAutoSetup.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (MBAMSwissArmy) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
    DRV - (mbamchameleon) -- C:\Windows\System32\Drivers\mbamchameleon.sys (Malwarebytes Corporation)
    DRV - (aswSnx) -- C:\Windows\System32\Drivers\aswsnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\Windows\System32\Drivers\aswsp.sys (AVAST Software)
    DRV - (aswStm) -- C:\Windows\System32\Drivers\aswstm.sys (AVAST Software)
    DRV - (MBAMWebAccessControl) -- C:\Windows\System32\Drivers\mwac.sys (Malwarebytes Corporation)
    DRV - (MBAMProtector) -- C:\Windows\System32\Drivers\mbam.sys (Malwarebytes Corporation)
    DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
    DRV - (aswRdr) -- C:\Windows\System32\Drivers\aswRdr2.sys (AVAST Software)
    DRV - (aswMonFlt) -- C:\Windows\System32\Drivers\aswMonFlt.sys (AVAST Software)
    DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
    DRV - (aswHwid) -- C:\Windows\System32\Drivers\aswHwid.sys ()
    DRV - (wStLibG) -- C:\Windows\System32\Drivers\wStLibG.sys (StdLib)
    DRV - (WdFilter) -- C:\Windows\System32\Drivers\WdFilter.sys (Microsoft Corporation)
    DRV - (WdNisDrv) -- C:\Windows\System32\Drivers\WdNisDrv.sys (Microsoft Corporation)
    DRV - (WdBoot) -- C:\Windows\System32\Drivers\WdBoot.sys (Microsoft Corporation)
    DRV - (CLFS) -- C:\Windows\System32\Drivers\clfs.sys (Microsoft Corporation)
    DRV - (Wof) -- C:\Windows\System32\drivers\wof.sys (Microsoft Corporation)
    DRV - (USBHUB3) -- C:\Windows\System32\Drivers\USBHUB3.SYS (Microsoft Corporation)
    DRV - (WFPLWFS) -- C:\Windows\System32\Drivers\wfplwfs.sys (Microsoft Corporation)
    DRV - (USBXHCI) -- C:\Windows\System32\Drivers\USBXHCI.SYS (Microsoft Corporation)
    DRV - (spaceport) -- C:\Windows\System32\Drivers\spaceport.sys (Microsoft Corporation)
    DRV - (UCX01000) -- C:\Windows\System32\Drivers\UCX01000.SYS (Microsoft Corporation)
    DRV - (sdstor) -- C:\Windows\System32\Drivers\sdstor.sys (Microsoft Corporation)
    DRV - (GPIOClx0101) -- C:\Windows\System32\Drivers\msgpioclx.sys (Microsoft Corporation)
    DRV - (wpcfltr) -- C:\Windows\System32\Drivers\wpcfltr.sys (Microsoft Corporation)
    DRV - (BasicRender) -- C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation)
    DRV - (intelpep) -- C:\Windows\System32\Drivers\intelpep.sys (Microsoft Corporation)
    DRV - (pdc) -- C:\Windows\System32\Drivers\pdc.sys (Microsoft Corporation)
    DRV - (SerCx2) -- C:\Windows\System32\Drivers\SerCx2.sys (Microsoft Corporation)
    DRV - (stornvme) -- C:\Windows\System32\Drivers\stornvme.sys (Microsoft Corporation)
    DRV - (VerifierExt) -- C:\Windows\System32\Drivers\VerifierExt.sys (Microsoft Corporation)
    DRV - (RdpVideoMiniport) -- C:\Windows\System32\Drivers\rdpvideominiport.sys (Microsoft Corporation)
    DRV - (terminpt) -- C:\Windows\System32\Drivers\terminpt.sys (Microsoft Corporation)
    DRV - (condrv) -- C:\Windows\System32\Drivers\condrv.sys (Microsoft Corporation)
    DRV - (dam) -- C:\Windows\System32\Drivers\dam.sys (Microsoft Corporation)
    DRV - (acpiex) -- C:\Windows\System32\Drivers\acpiex.sys (Microsoft Corporation)
    DRV - (TPM) -- C:\Windows\System32\Drivers\tpm.sys (Microsoft Corporation)
    DRV - (mvumis) -- C:\Windows\System32\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
    DRV - (msgpiowin32) -- C:\Windows\System32\Drivers\msgpiowin32.sys (Microsoft Corporation)
    DRV - (LSI_SAS3) -- C:\Windows\System32\Drivers\lsi_sas3.sys (LSI Corporation)
    DRV - (LSI_SSS) -- C:\Windows\System32\Drivers\lsi_sss.sys (LSI Corporation)
    DRV - (3ware) -- C:\Windows\System32\Drivers\3ware.sys (LSI)
    DRV - (ADP80XX) -- C:\Windows\System32\Drivers\adp80xx.sys (PMC-Sierra)
    DRV - (EhStorTcgDrv) -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
    DRV - (EhStorClass) -- C:\Windows\System32\Drivers\EhStorClass.sys (Microsoft Corporation)
    DRV - (VSTXRAID) -- C:\Windows\System32\Drivers\VSTXRAID.SYS (VIA Corporation)
    DRV - (storahci) -- C:\Windows\System32\Drivers\storahci.sys (Microsoft Corporation)
    DRV - (SpbCx) -- C:\Windows\System32\Drivers\SpbCx.sys (Microsoft Corporation)
    DRV - (SerCx) -- C:\Windows\System32\Drivers\SerCx.sys (Microsoft Corporation)
    DRV - (UASPStor) -- C:\Windows\System32\Drivers\uaspstor.sys (Microsoft Corporation)
    DRV - (cnghwassist) -- C:\Windows\System32\Drivers\cnghwassist.sys (Microsoft Corporation)
    DRV - (UEFI) -- C:\Windows\System32\Drivers\uefi.sys (Microsoft Corporation)
    DRV - (WpdUpFltr) -- C:\Windows\System32\Drivers\WpdUpFltr.sys (Microsoft Corporation)
    DRV - (vmbus) -- C:\Windows\System32\Drivers\vmbus.sys (Microsoft Corporation)
    DRV - (storflt) -- C:\Windows\System32\Drivers\vmstorfl.sys (Microsoft Corporation)
    DRV - (storvsc) -- C:\Windows\System32\Drivers\storvsc.sys (Microsoft Corporation)
    DRV - (ahcache) -- C:\Windows\System32\Drivers\ahcache.sys (Microsoft Corporation)
    DRV - (BasicDisplay) -- C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation)
    DRV - (HyperVideo) -- C:\Windows\System32\Drivers\HyperVideo.sys (Microsoft Corporation)
    DRV - (mshidumdf) -- C:\Windows\System32\Drivers\mshidumdf.sys (Microsoft Corporation)
    DRV - (acpitime) -- C:\Windows\System32\Drivers\acpitime.sys (Microsoft Corporation)
    DRV - (acpipagr) -- C:\Windows\System32\Drivers\acpipagr.sys (Microsoft Corporation)
    DRV - (npsvctrig) -- C:\Windows\System32\Drivers\npsvctrig.sys (Microsoft Corporation)
    DRV - (BthAvrcpTg) -- C:\Windows\System32\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
    DRV - (kdnic) -- C:\Windows\System32\Drivers\kdnic.sys (Microsoft Corporation)
    DRV - (s3cap) -- C:\Windows\System32\Drivers\vms3cap.sys (Microsoft Corporation)
    DRV - (gencounter) -- C:\Windows\System32\Drivers\vmgencounter.sys (Microsoft Corporation)
    DRV - (bthhfhid) -- C:\Windows\System32\Drivers\BthhfHid.sys (Microsoft Corporation)
    DRV - (BthHFEnum) -- C:\Windows\System32\Drivers\bthhfenum.sys (Microsoft Corporation)
    DRV - (TsUsbGD) -- C:\Windows\System32\Drivers\TsUsbGD.sys (Microsoft Corporation)
    DRV - (hyperkbd) -- C:\Windows\System32\Drivers\hyperkbd.sys (Microsoft Corporation)
    DRV - (TsUsbFlt) -- C:\Windows\System32\Drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV - (hidi2c) -- C:\Windows\System32\Drivers\hidi2c.sys (Microsoft Corporation)
    DRV - (VMBusHID) -- C:\Windows\System32\Drivers\VMBusHID.sys (Microsoft Corporation)
    DRV - (dmvsc) -- C:\Windows\System32\Drivers\dmvsc.sys (Microsoft Corporation)
    DRV - (netvsc) -- C:\Windows\System32\Drivers\netvsc63.sys (Microsoft Corporation)
    DRV - (NdisVirtualBus) -- C:\Windows\System32\Drivers\NdisVirtualBus.sys (Microsoft Corporation)
    DRV - (NdisImPlatform) -- C:\Windows\System32\Drivers\NdisImPlatform.sys (Microsoft Corporation)
    DRV - (MsLldp) -- C:\Windows\System32\Drivers\mslldp.sys (Microsoft Corporation)
    DRV - (Ndu) -- C:\Windows\System32\Drivers\Ndu.sys (Microsoft Corporation)
    DRV - (FxPPM) -- C:\Windows\System32\Drivers\fxppm.sys (Microsoft Corporation)
    DRV - (bcmfn2) -- C:\Windows\System32\Drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
    DRV - (iaStorAV) -- C:\Windows\System32\Drivers\iaStorAV.sys (Intel Corporation)
    DRV - (iaioi2c) -- C:\Windows\System32\Drivers\iaioi2c.sys (Intel Corporation)
    DRV - (GPIO) -- C:\Windows\System32\Drivers\iaiogpio.sys (Intel Corporation)
    DRV - (RTL8168) -- C:\Windows\System32\Drivers\Rt630x86.sys (Realtek )
    DRV - (amdkmdap) -- C:\Windows\System32\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
    DRV - (amdkmdag) -- C:\Windows\System32\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
    DRV - (WDC_SAM) -- C:\Windows\System32\Drivers\wdcsam.sys (Western Digital Technologies)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceL...FManageAccount
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\..\SearchScopes\EDD407FE541A4E1198E2AB19DED0A247: "URL" = http://search.conduit.com/Results.aspx?gd=&ctid=CT3323744&octid=EB_ORIGINAL_CTID&ISID=M39DF27B2-6BE5-4B18-A5CA-6501BB1D6864&SearchSource=58&CUI=&UM=5&UP=SP9444CE26-BA51-4431-A291-4156580B5FF7&q={searchTerms}&SSPV=
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceL...FManageAccount
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\EDD407FE541A4E1198E2AB19DED0A247: "URL" = http://search.conduit.com/Results.aspx?gd=&ctid=CT3323744&octid=EB_ORIGINAL_CTID&ISID=M39DF27B2-6BE5-4B18-A5CA-6501BB1D6864&SearchSource=58&CUI=&UM=5&UP=SP9444CE26-BA51-4431-A291-4156580B5FF7&q={searchTerms}&SSPV=
    IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.suggest.enabled: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2018.95
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/05/05 16:56:18 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2014/05/30 18:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\mozilla\Extensions
    [2014/06/01 17:53:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\mozilla\Firefox\Profiles\kddnq5x6.default\extensions
    [2014/05/10 12:01:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
    [2014/05/10 12:01:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2014/05/05 16:56:18 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

    ========== Chrome ==========

    CHR - default_search_provider: qone8 (Enabled)
    CHR - default_search_provider: search_url = http://www.qone8.com/web/?type=ds&ts=1401438765&from=vtt&uid=MAXTORXSTM3250310AS_6RY8SDB9XXXX6RY8SDB9&q={searchTerms}
    CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&form=BDT3DF&PC=BDT3,
    CHR - plugin: Error reading preferences file
    CHR - Extension: avast! Online Security = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
    CHR - Extension: Google Wallet = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\

    O1 HOSTS File: ([2013/08/22 16:13:55 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
    O4 - HKU\S-1-5-21-2683175902-963029523-2157096801-1001..\Run: [EPSON Stylus Office TX300F] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEJP.EXE (SEIKO EPSON CORPORATION)
    O4 - HKU\S-1-5-21-2683175902-963029523-2157096801-1001..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe File not found
    O4 - HKU\S-1-5-21-2683175902-963029523-2157096801-1001..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
    O4 - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [EPSON Stylus Office TX300F] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEJP.EXE (SEIKO EPSON CORPORATION)
    O4 - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe File not found
    O4 - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 61.9.134.49 61.9.133.193
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17BAE6C7-573A-4966-AD08-D3FA2746AFB7}: DhcpNameServer = 61.9.134.49 61.9.133.193
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2013/08/22 18:16:34 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2010/07/30 06:52:30 | 000,000,035 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (sdnclean.exe)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/06/02 12:10:01 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2014/06/02 09:14:14 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
    [2014/06/02 09:12:39 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/06/01 22:01:10 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    [2014/06/01 22:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    [2014/06/01 22:00:26 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
    [2014/06/01 22:00:26 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
    [2014/06/01 22:00:26 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2014/06/01 22:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
    [2014/06/01 22:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014/06/01 19:06:28 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Safer Networking
    [2014/06/01 19:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
    [2014/06/01 19:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\Safer Networking
    [2014/06/01 16:07:17 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\ElevatedDiagnostics
    [2014/06/01 16:06:31 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\Diagnostics
    [2014/06/01 12:59:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
    [2014/05/30 18:43:05 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\QuickScan
    [2014/05/30 18:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2014/05/22 11:49:19 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Google
    [2014/05/22 11:46:46 | 000,000,000 | -HSD | C] -- C:\Users\Nick\AppData\Local\EmieUserList
    [2014/05/22 11:46:46 | 000,000,000 | -HSD | C] -- C:\Users\Nick\AppData\Local\EmieSiteList
    [2014/05/22 11:37:21 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
    [2014/05/22 11:37:19 | 000,078,848 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BEJP.DLL
    [2014/05/22 11:27:56 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\EPSON
    [2014/05/22 11:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
    [2014/05/22 11:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
    [2014/05/22 11:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
    [2014/05/22 11:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
    [2014/05/22 11:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 6.0 Sprint
    [2014/05/22 10:46:51 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK2.dll
    [2014/05/22 10:46:51 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EpPicPrt.dll
    [2014/05/22 10:46:51 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICEntry.dll
    [2014/05/22 10:46:51 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK.dll
    [2014/05/22 10:46:51 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EPPicMgr.dll
    [2014/05/22 10:46:48 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\InstallShield
    [2014/05/22 10:42:06 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBEJP.DLL
    [2014/05/22 10:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
    [2014/05/22 10:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
    [2014/05/22 10:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\epson
    [2014/05/16 11:32:24 | 000,693,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2014/05/16 11:32:24 | 000,105,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

  8. #8
    Junior Member
    Join Date
    Jun 2014
    Posts
    7


    [2014/05/15 16:09:31 | 000,080,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mrt_map.dll
    [2014/05/15 16:09:31 | 000,026,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mrt100.dll
    [2014/05/15 16:09:24 | 000,219,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdFilter.sys
    [2014/05/15 16:09:22 | 000,092,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdNisDrv.sys
    [2014/05/15 16:09:21 | 000,030,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdBoot.sys
    [2014/05/15 16:08:50 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
    [2014/05/15 16:08:45 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSShared.dll
    [2014/05/15 16:08:44 | 011,792,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twinui.dll
    [2014/05/15 16:08:42 | 001,634,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
    [2014/05/15 16:08:42 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
    [2014/05/15 16:08:42 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ubpm.dll
    [2014/05/15 16:08:41 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twinapi.appcore.dll
    [2014/05/15 16:08:40 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twinui.appcore.dll
    [2014/05/15 16:08:40 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
    [2014/05/15 16:08:40 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\storewuauth.dll
    [2014/05/15 16:08:39 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUSettingsProvider.dll
    [2014/05/15 16:08:39 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
    [2014/05/15 16:08:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
    [2014/05/15 16:08:38 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
    [2014/05/15 16:08:38 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
    [2014/05/15 16:08:37 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSReset.exe
    [2014/05/15 16:07:15 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2014/05/14 11:11:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2014/05/14 10:55:59 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SettingsHandlers.dll
    [2014/05/14 10:55:33 | 012,732,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.UI.Xaml.dll
    [2014/05/14 10:55:27 | 000,283,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\clfs.sys
    [2014/05/14 10:55:26 | 005,786,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2014/05/14 10:55:25 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.UI.Search.dll
    [2014/05/14 10:55:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Shell.Search.UriHandler.dll
    [2014/05/14 10:55:19 | 003,562,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncEngine.dll
    [2014/05/14 10:55:18 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
    [2014/05/14 10:55:18 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2014/05/14 10:55:17 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
    [2014/05/14 10:55:17 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AppXDeploymentServer.dll
    [2014/05/14 10:55:15 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
    [2014/05/14 10:55:15 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
    [2014/05/14 10:55:13 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Media.dll
    [2014/05/14 10:55:13 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFMediaEngine.dll
    [2014/05/14 10:55:12 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
    [2014/05/14 10:55:12 | 000,138,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wof.sys
    [2014/05/14 10:55:11 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MrmCoreR.dll
    [2014/05/14 10:55:10 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfsvr.dll
    [2014/05/14 10:55:10 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlidprov.dll
    [2014/05/14 10:55:10 | 000,321,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
    [2014/05/14 10:55:09 | 000,406,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
    [2014/05/14 10:55:08 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AppXDeploymentExtensions.dll
    [2014/05/14 10:55:08 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
    [2014/05/14 10:55:08 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dcomp.dll
    [2014/05/14 10:55:07 | 000,326,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
    [2014/05/14 10:55:06 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll
    [2014/05/14 10:55:05 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Devices.Sensors.dll
    [2014/05/14 10:55:04 | 000,295,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
    [2014/05/14 10:55:04 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AppXDeploymentClient.dll
    [2014/05/14 10:55:03 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
    [2014/05/14 10:55:03 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
    [2014/05/14 10:55:03 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsApi.dll
    [2014/05/14 10:55:01 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MDEServer.exe
    [2014/05/14 10:55:01 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEndpointBuilder.dll
    [2014/05/14 10:55:01 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dafWfdProvider.dll
    [2014/05/14 10:55:00 | 000,491,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MDMAgent.exe
    [2014/05/14 10:55:00 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBHUB3.SYS
    [2014/05/14 10:54:59 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
    [2014/05/14 10:54:59 | 000,672,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SkyDrive.exe
    [2014/05/14 10:54:59 | 000,406,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
    [2014/05/14 10:54:59 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
    [2014/05/14 10:54:58 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AppxAllUserStore.dll
    [2014/05/14 10:54:56 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SkyDriveTelemetry.dll
    [2014/05/14 10:54:55 | 000,355,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
    [2014/05/14 10:54:55 | 000,194,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
    [2014/05/14 10:54:54 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
    [2014/05/14 10:54:53 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
    [2014/05/14 10:54:53 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
    [2014/05/14 10:54:53 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
    [2014/05/14 10:54:53 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
    [2014/05/14 10:54:52 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
    [2014/05/14 10:54:52 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
    [2014/05/14 10:54:51 | 000,286,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
    [2014/05/14 10:54:51 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
    [2014/05/14 10:54:51 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wfplwfs.sys
    [2014/05/14 10:54:50 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aclui.dll
    [2014/05/14 10:54:50 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdvidcrl.dll
    [2014/05/14 10:54:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvcfg.exe
    [2014/05/14 10:54:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CredentialMigrationHandler.dll
    [2014/05/14 10:54:49 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Graphics.Printing.dll
    [2014/05/14 10:54:49 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapibase.dll
    [2014/05/14 10:54:49 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReInfo.dll
    [2014/05/14 10:54:49 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Devices.Scanners.dll
    [2014/05/14 10:54:48 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LocationApi.dll
    [2014/05/14 10:54:48 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMapi.dll
    [2014/05/14 10:54:47 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fvewiz.dll
    [2014/05/14 10:54:47 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
    [2014/05/14 10:54:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxproxy.dll
    [2014/05/14 10:54:46 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BitLockerDeviceEncryption.exe
    [2014/05/14 10:54:46 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevPropMgr.dll
    [2014/05/14 10:54:46 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BdeHdCfgLib.dll
    [2014/05/14 10:54:45 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetNetworkLocation.dll
    [2014/05/14 10:54:44 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2gpstore.dll
    [2014/05/14 10:54:44 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
    [2014/05/14 10:54:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
    [2014/05/14 10:50:13 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2014/05/14 10:50:05 | 004,254,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2014/05/14 10:50:03 | 003,499,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2014/05/14 10:49:24 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
    [2014/05/14 10:49:20 | 008,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\glcndFilter.dll
    [2014/05/14 10:49:17 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WofTasks.dll
    [2014/05/14 10:49:16 | 002,871,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSService.dll
    [2014/05/14 10:49:09 | 008,874,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Data.Pdf.dll
    [2014/05/14 10:49:05 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcore.dll
    [2014/05/14 10:49:05 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2014/05/14 10:48:41 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\combase.dll
    [2014/05/14 10:48:40 | 002,804,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
    [2014/05/14 10:48:40 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
    [2014/05/14 10:48:38 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
    [2014/05/14 10:48:34 | 001,129,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
    [2014/05/14 10:48:31 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
    [2014/05/14 10:48:28 | 001,716,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
    [2014/05/14 10:48:23 | 001,203,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlidsvc.dll
    [2014/05/14 10:48:17 | 001,341,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll
    [2014/05/14 10:48:17 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2014/05/14 10:48:13 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Globalization.dll
    [2014/05/14 10:48:12 | 001,206,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winmde.dll
    [2014/05/14 10:48:11 | 001,496,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.UI.Immersive.dll
    [2014/05/14 10:48:10 | 001,077,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
    [2014/05/14 10:48:10 | 000,410,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
    [2014/05/14 10:48:10 | 000,369,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
    [2014/05/14 10:48:10 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWWIN.EXE
    [2014/05/14 10:48:08 | 002,410,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
    [2014/05/14 10:48:07 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Media.Streaming.dll
    [2014/05/14 10:48:05 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reseteng.dll
    [2014/05/14 10:48:02 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
    [2014/05/14 10:48:02 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SettingSyncHost.exe
    [2014/05/14 10:48:01 | 001,270,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.efi
    [2014/05/14 10:48:01 | 001,167,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
    [2014/05/14 10:48:00 | 001,280,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
    [2014/05/14 10:47:59 | 001,389,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.efi
    [2014/05/14 10:47:57 | 001,011,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfnetsrc.dll
    [2014/05/14 10:47:56 | 000,422,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
    [2014/05/14 10:47:55 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WWAHost.exe
    [2014/05/14 10:47:54 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SystemSettingsAdminFlowUI.dll
    [2014/05/14 10:47:54 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
    [2014/05/14 10:47:53 | 000,650,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfnetcore.dll
    [2014/05/14 10:47:53 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DfpCommon.dll
    [2014/05/14 10:47:50 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SettingSyncCore.dll
    [2014/05/14 10:47:50 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twinapi.dll
    [2014/05/14 10:47:49 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msTextPrediction.dll
    [2014/05/14 10:47:48 | 002,220,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
    [2014/05/14 10:47:48 | 001,392,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPDMC.exe
    [2014/05/14 10:47:46 | 002,428,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
    [2014/05/14 10:47:43 | 001,914,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpcMon.exe
    [2014/05/14 10:47:43 | 001,155,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
    [2014/05/14 10:47:39 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
    [2014/05/14 10:47:36 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpncore.dll
    [2014/05/14 10:47:33 | 000,663,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4srcsnk.dll
    [2014/05/14 10:47:27 | 000,477,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SHCore.dll
    [2014/05/14 10:47:27 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SettingSync.dll
    [2014/05/14 10:47:25 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WofUtil.dll
    [2014/05/14 10:47:24 | 000,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
    [2014/05/14 10:47:24 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
    [2014/05/14 10:47:23 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
    [2014/05/14 10:47:23 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcmsvc.dll
    [2014/05/14 10:47:21 | 000,707,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
    [2014/05/14 10:47:21 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AppReadiness.dll
    [2014/05/14 10:47:20 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
    [2014/05/14 10:47:19 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recimg.exe
    [2014/05/14 10:47:19 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfp.exe
    [2014/05/14 10:47:18 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mispace.dll
    [2014/05/14 10:47:17 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
    [2014/05/14 10:47:14 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SystemEventsBrokerServer.dll
    [2014/05/14 10:47:13 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
    [2014/05/14 10:47:13 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
    [2014/05/14 10:47:12 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perftrack.dll
    [2014/05/14 10:47:11 | 001,403,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\storagewmi.dll
    [2014/05/14 10:47:10 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2014/05/14 10:47:10 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
    [2014/05/14 10:47:09 | 001,882,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpcWebSync.dll
    [2014/05/14 10:47:09 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
    [2014/05/14 10:47:08 | 000,333,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spaceport.sys
    [2014/05/14 10:47:08 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bisrv.dll
    [2014/05/14 10:47:07 | 000,926,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RecoveryDrive.exe
    [2014/05/14 10:47:06 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
    [2014/05/14 10:47:03 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
    [2014/05/14 10:47:02 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfuimanager.dll
    [2014/05/14 10:47:01 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
    [2014/05/14 10:47:01 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Graphics.dll
    [2014/05/14 10:47:00 | 000,759,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iuilp.dll
    [2014/05/14 10:47:00 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\energy.dll
    [2014/05/14 10:46:59 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
    [2014/05/14 10:46:59 | 000,336,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll
    [2014/05/14 10:46:59 | 000,317,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvproc.dll
    [2014/05/14 10:46:59 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSClient.dll
    [2014/05/14 10:46:58 | 002,302,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
    [2014/05/14 10:46:57 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
    [2014/05/14 10:46:56 | 000,491,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
    [2014/05/14 10:46:55 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psmsrv.dll
    [2014/05/14 10:46:54 | 000,197,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
    [2014/05/14 10:46:48 | 001,468,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMALFXGFXDSP.dll
    [2014/05/14 10:46:48 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascustom.dll
    [2014/05/14 10:46:47 | 000,557,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
    [2014/05/14 10:46:46 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Networking.Vpn.dll
    [2014/05/14 10:46:46 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
    [2014/05/14 10:46:45 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DismApi.dll
    [2014/05/14 10:46:44 | 000,285,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFCaptureEngine.dll
    [2014/05/14 10:46:43 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsm.dll
    [2014/05/14 10:46:43 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptsslp.dll
    [2014/05/14 10:46:42 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MrmIndexer.dll
    [2014/05/14 10:46:41 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AppxPackaging.dll
    [2014/05/14 10:46:41 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
    [2014/05/14 10:46:41 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Dism.exe
    [2014/05/14 10:46:41 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InputSwitch.dll
    [2014/05/14 10:46:36 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nettrace.dll
    [2014/05/14 10:46:36 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
    [2014/05/14 10:46:36 | 000,030,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ploptin.dll
    [2014/05/14 10:46:35 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
    [2014/05/14 10:46:35 | 000,311,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
    [2014/05/14 10:46:35 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    [2014/05/14 10:46:34 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
    [2014/05/14 10:46:32 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\microsoft-windows-system-events.dll
    [2014/05/14 10:46:30 | 001,095,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
    [2014/05/14 10:46:30 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SkyDriveShell.dll
    [2014/05/14 10:46:29 | 002,165,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
    [2014/05/14 10:46:28 | 000,943,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll
    [2014/05/14 10:46:28 | 000,180,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
    [2014/05/14 10:46:27 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdbui.dll
    [2014/05/14 10:46:26 | 000,506,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinTypes.dll
    [2014/05/14 10:46:25 | 000,130,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dumpsd.sys
    [2014/05/14 10:46:24 | 000,224,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SystemSettingsAdminFlows.exe
    [2014/05/14 10:46:22 | 003,085,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
    [2014/05/14 10:46:21 | 001,108,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanmm.dll
    [2014/05/14 10:46:21 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ninput.dll
    [2014/05/14 10:46:21 | 000,261,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBXHCI.SYS
    [2014/05/14 10:46:21 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mdmregistration.dll
    [2014/05/14 10:46:21 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Devices.HumanInterfaceDevice.dll
    [2014/05/14 10:46:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clrhost.dll
    [2014/05/14 10:46:19 | 000,125,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
    [2014/05/14 10:46:18 | 000,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
    [2014/05/14 10:46:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WiFiDisplay.dll
    [2014/05/14 10:46:15 | 000,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
    [2014/05/14 10:46:15 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
    [2014/05/14 10:46:15 | 000,041,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CloudNotifications.exe
    [2014/05/14 10:46:14 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
    [2014/05/14 10:46:14 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2014/05/14 10:46:14 | 000,065,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    [2014/05/14 10:46:13 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
    [2014/05/14 10:46:13 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fhcfg.dll
    [2014/05/14 10:46:13 | 000,140,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
    [2014/05/14 10:46:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
    [2014/05/14 10:46:12 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll
    [2014/05/14 10:46:11 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
    [2014/05/14 10:46:11 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Networking.Connectivity.dll
    [2014/05/14 10:46:11 | 000,171,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemreset.exe
    [2014/05/14 10:46:10 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
    [2014/05/14 10:46:09 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
    [2014/05/14 10:46:07 | 000,137,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
    [2014/05/14 10:46:06 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
    [2014/05/14 10:46:06 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlayToManager.dll
    [2014/05/14 10:46:06 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\microsoft-windows-kernel-power-events.dll
    [2014/05/14 10:46:06 | 000,122,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\msgpioclx.sys
    [2014/05/14 10:46:05 | 000,835,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
    [2014/05/14 10:46:05 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
    [2014/05/14 10:46:05 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WLanConn.dll
    [2014/05/14 10:46:05 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2014/05/14 10:46:04 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fhcpl.dll
    [2014/05/14 10:46:04 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
    [2014/05/14 10:46:04 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RestoreOptIn.exe
    [2014/05/14 10:46:03 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeui.exe
    [2014/05/14 10:46:03 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
    [2014/05/14 10:46:03 | 000,029,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountBroker.exe
    [2014/05/14 10:46:02 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PurchaseWindowsLicense.dll
    [2014/05/14 10:46:02 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
    [2014/05/14 10:46:02 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LockScreenContent.dll
    [2014/05/14 10:46:02 | 000,063,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dumpfve.sys
    [2014/05/14 10:46:01 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\deviceregistration.dll
    [2014/05/14 10:46:01 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll
    [2014/05/14 10:46:00 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WorkfoldersControl.dll
    [2014/05/14 10:46:00 | 000,066,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
    [2014/05/14 10:46:00 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AppxSysprep.dll
    [2014/05/14 10:45:59 | 000,079,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcd.dll
    [2014/05/14 10:45:59 | 000,064,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdstor.sys
    [2014/05/14 10:45:58 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
    [2014/05/14 10:45:55 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2014/05/14 10:45:51 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cleanmgr.exe
    [2014/05/14 10:45:50 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\das.dll
    [2014/05/14 10:45:50 | 000,136,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthHost.exe
    [2014/05/14 10:45:49 | 000,046,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wpcfltr.sys
    [2014/05/14 10:45:48 | 003,278,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootux.dll
    [2014/05/14 10:45:46 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BioCredProv.dll
    [2014/05/14 10:45:46 | 000,163,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\UCX01000.SYS
    [2014/05/14 10:45:46 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
    [2014/05/14 10:45:46 | 000,033,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
    [2014/05/14 10:45:45 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmvdsitf.dll
    [2014/05/14 10:45:44 | 000,107,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
    [2014/05/14 10:45:44 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\BasicRender.sys
    [2014/05/14 10:45:43 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
    [2014/05/14 10:45:43 | 000,025,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysResetErr.exe
    [2014/05/14 10:45:42 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
    [2014/05/14 10:45:42 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcmcsp.dll
    [2014/05/14 10:45:41 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmdskmgr.dll
    [2014/05/14 10:45:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
    [2014/05/14 10:45:39 | 000,035,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LockScreenContentServer.exe
    [2014/05/14 10:45:38 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3mm.dll
    [2014/05/14 10:45:38 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MicrosoftAccountTokenProvider.dll
    [2014/05/14 10:45:38 | 000,078,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\easinvoker.exe
    [2014/05/14 10:45:37 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MbaeApiPublic.dll
    [2014/05/14 10:45:37 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\deviceaccess.dll
    [2014/05/14 10:45:37 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BootMenuUX.dll
    [2014/05/14 10:45:37 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DAMM.dll
    [2014/05/14 10:45:36 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
    [2014/05/14 10:45:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
    [2014/05/14 10:45:35 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlidcredprov.dll
    [2014/05/14 10:45:35 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
    [2014/05/14 10:45:35 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
    [2014/05/14 10:45:34 | 000,036,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\intelpep.sys
    [2014/05/14 10:45:34 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slpts.dll
    [2014/05/14 10:45:33 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
    [2014/05/14 10:45:33 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
    [2014/05/14 10:45:32 | 000,780,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
    [2014/05/14 10:45:32 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
    [2014/05/14 10:45:32 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
    [2014/05/14 10:45:31 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
    [2014/05/14 10:45:31 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
    [2014/05/14 10:45:30 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Devices.Bluetooth.dll
    [2014/05/14 10:45:30 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bi.dll
    [2014/05/14 10:45:29 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthBroker.dll
    [2014/05/14 10:45:28 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
    [2014/05/14 10:45:28 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Media.Renewal.dll
    [2014/05/14 10:45:28 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StorageContextHandler.dll
    [2014/05/14 10:45:28 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\BtaMPM.sys
    [2014/05/14 10:45:27 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
    [2014/05/14 10:45:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll
    [2014/05/14 10:45:26 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
    [2014/05/14 10:45:26 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpnprv.dll
    [2014/05/14 10:45:26 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
    [2014/05/14 10:45:25 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
    [2014/05/14 10:45:25 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
    [2014/05/14 10:45:25 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
    [2014/05/14 10:45:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
    [2014/05/14 10:45:21 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dafBth.dll
    [2014/05/14 10:45:19 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
    [2014/05/14 10:45:18 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AepRoam.dll
    [2014/05/14 10:45:16 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
    [2014/05/14 10:45:14 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
    [2014/05/14 10:45:14 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\energytask.dll
    [2014/05/14 10:45:13 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlidcli.dll
    [2014/05/14 10:45:13 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
    [2014/05/14 10:45:12 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
    [2014/05/14 10:45:12 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SettingMonitor.dll
    [2014/05/14 10:45:12 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DAConn.dll
    [2014/05/14 10:45:10 | 001,136,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
    [2014/05/14 10:45:08 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offreg.dll
    [2014/05/14 10:45:07 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintDialogs.dll
    [2014/05/14 10:45:07 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsku.dll
    [2014/05/14 10:45:07 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CloudStorageWizard.exe
    [2014/05/14 10:45:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SSShim.dll
    [2014/05/14 10:45:06 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
    [2014/05/14 10:45:05 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserLanguagesCpl.dll
    [2014/05/14 10:45:05 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PlayToDevice.dll
    [2014/05/14 10:45:05 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IdCtrls.dll
    [2014/05/14 10:45:05 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fhevents.dll
    [2014/05/14 10:45:05 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\deviceassociation.dll
    [2014/05/14 10:45:04 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werui.dll
    [2014/05/14 10:45:04 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.exe
    [2014/05/14 10:45:03 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
    [2014/05/14 10:45:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SrTasks.exe
    [2014/05/14 10:45:02 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
    [2014/05/14 10:45:01 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
    [2014/05/14 10:45:01 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
    [2014/05/14 10:45:00 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
    [2014/05/14 10:44:59 | 000,178,176 | ---- | C] (Microsoft Corp.) -- C:\Windows\System32\Defrag.exe
    [2014/05/14 10:44:59 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\easwrt.dll
    [2014/05/14 10:44:58 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
    [2014/05/14 10:44:58 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
    [2014/05/14 10:44:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
    [2014/05/14 10:44:52 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
    [2014/05/14 10:44:51 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ConfigureExpandedStorage.dll
    [2014/05/14 10:44:51 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LockScreenContentHost.dll
    [2014/05/14 10:44:51 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxshared.dll
    [2014/05/14 10:44:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
    [2014/05/14 10:44:50 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbadmin.exe
    [2014/05/14 10:44:50 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Windows.ApplicationModel.Store.dll
    [2014/05/14 10:44:50 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpclean.dll
    [2014/05/14 10:44:47 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SystemSettings.Handlers.dll
    [2014/05/14 10:44:46 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
    [2014/05/14 10:44:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2014/05/14 10:44:41 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\ext-ms-win-session-winsta-l1-1-0.dll
    [2014/05/14 10:44:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
    [2014/05/14 10:44:38 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wincorlib.dll
    [2014/05/14 10:44:31 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UXInit.dll
    [2014/05/14 10:44:28 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BulkOperationHost.exe
    [2014/05/14 10:44:26 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
    [2014/05/14 10:44:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
    [2014/05/14 10:44:25 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fhengine.dll
    [2014/05/14 10:44:24 | 002,544,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
    [2014/05/14 10:44:24 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SettingSyncPolicy.dll
    [2014/05/14 10:44:22 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GlobCollationHost.dll
    [2014/05/14 10:44:21 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
    [2014/05/14 10:44:19 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
    [2014/05/14 10:44:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\ext-ms-win-kernel32-package-l1-1-1.dll
    [2014/05/14 10:44:17 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
    [2014/05/14 10:44:15 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
    [2014/05/14 10:44:14 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
    [2014/05/14 10:44:13 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
    [2014/05/14 10:44:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winbici.dll
    [2014/05/14 10:44:12 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\ext-ms-win-ntuser-private-l1-1-1.dll
    [2014/05/14 10:44:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\ext-ms-win-ntuser-private-l1-1-0.dll
    [2014/05/14 10:44:10 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\workerdd.dll
    [2014/05/14 10:44:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\ext-ms-win-networking-wcmapi-l1-1-0.dll
    [2014/05/14 10:44:09 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveskybackup.dll
    [2014/05/14 10:44:08 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
    [2014/05/14 10:22:34 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2014/05/14 10:15:24 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
    [2014/05/14 10:15:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
    [2014/05/14 10:15:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
    [2014/05/14 10:15:23 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2014/05/14 10:15:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2014/05/14 10:14:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2014/05/10 12:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2014/05/05 17:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
    [2014/05/05 16:56:16 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/06/04 08:46:33 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    [2014/06/04 08:46:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/06/03 17:36:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/06/03 16:36:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/06/02 12:25:55 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
    [2014/06/02 12:15:47 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
    [2014/06/02 12:15:46 | 1717,346,304 | -HS- | M] () -- C:\hiberfil.sys
    [2014/06/02 09:15:08 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2014/06/01 22:00:33 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/05/30 18:39:23 | 001,161,080 | ---- | M] () -- C:\Windows\System32\SearchDonkey.E3E38E2B3C8C.2.6.80.dll
    [2014/05/25 18:07:19 | 000,734,492 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2014/05/25 18:07:19 | 000,139,412 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2014/05/25 17:57:03 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLec.DAT
    [2014/05/22 13:00:13 | 000,000,946 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
    [2014/05/22 10:40:40 | 000,000,025 | ---- | M] () -- C:\Windows\CDETX300F.ini
    [2014/05/16 11:28:04 | 000,381,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2014/05/15 16:07:15 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2014/05/14 10:22:34 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2014/05/14 10:15:24 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
    [2014/05/14 10:15:24 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
    [2014/05/14 10:15:24 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
    [2014/05/14 10:15:23 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2014/05/14 10:15:22 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2014/05/14 10:14:26 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2014/05/13 16:56:26 | 000,777,488 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
    [2014/05/13 16:56:26 | 000,411,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
    [2014/05/13 16:56:26 | 000,068,312 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
    [2014/05/12 07:26:12 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
    [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2014/05/05 16:56:55 | 000,002,063 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2014/05/05 16:56:16 | 000,776,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys.1399964185406
    [2014/05/05 16:56:16 | 000,411,552 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys.1399964185406
    [2014/05/05 16:56:16 | 000,271,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2014/05/05 16:56:16 | 000,180,632 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2014/05/05 16:56:16 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
    [2014/05/05 16:56:16 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2014/05/05 16:56:16 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2014/05/05 16:56:16 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2014/05/05 16:56:16 | 000,024,184 | ---- | M] () -- C:\Windows\System32\drivers\aswHwid.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/06/01 22:00:33 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/05/30 18:39:23 | 001,161,080 | ---- | C] () -- C:\Windows\System32\SearchDonkey.E3E38E2B3C8C.2.6.80.dll
    [2014/05/22 10:46:51 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
    [2014/05/22 10:46:51 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
    [2014/05/22 10:46:51 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
    [2014/05/22 10:46:51 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
    [2014/05/22 10:46:51 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
    [2014/05/22 10:46:51 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
    [2014/05/22 10:46:51 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
    [2014/05/22 10:46:51 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
    [2014/05/22 10:46:51 | 000,005,436 | ---- | C] () -- C:\Windows\System32\EPPICLocal_SC.cfg
    [2014/05/22 10:46:51 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
    [2014/05/22 10:46:51 | 000,002,889 | ---- | C] () -- C:\Windows\System32\EPPICLocal_RU.cfg
    [2014/05/22 10:46:51 | 000,002,426 | ---- | C] () -- C:\Windows\System32\EPPICLocal_TC.cfg
    [2014/05/22 10:46:51 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
    [2014/05/22 10:46:51 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
    [2014/05/22 10:46:51 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
    [2014/05/22 10:46:51 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
    [2014/05/22 10:46:51 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
    [2014/05/22 10:46:51 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
    [2014/05/22 10:46:51 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
    [2014/05/22 10:46:51 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
    [2014/05/22 10:46:51 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
    [2014/05/22 10:46:51 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
    [2014/05/22 10:46:50 | 000,013,732 | ---- | C] () -- C:\Windows\System32\EPPICLocal_EN.cfg
    [2014/05/22 10:46:50 | 000,006,442 | ---- | C] () -- C:\Windows\System32\EPPICLocal_IT.cfg
    [2014/05/22 10:46:50 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_PT.cfg
    [2014/05/22 10:46:50 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_BP.cfg
    [2014/05/22 10:46:50 | 000,006,335 | ---- | C] () -- C:\Windows\System32\EPPICLocal_GE.cfg
    [2014/05/22 10:46:50 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_FR.cfg
    [2014/05/22 10:46:50 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_CF.cfg
    [2014/05/22 10:46:50 | 000,006,122 | ---- | C] () -- C:\Windows\System32\EPPICLocal_DU.cfg
    [2014/05/22 10:46:50 | 000,006,103 | ---- | C] () -- C:\Windows\System32\EPPICLocal_ES.cfg
    [2014/05/22 10:46:50 | 000,005,817 | ---- | C] () -- C:\Windows\System32\EPPICLocal_KO.cfg
    [2014/05/22 10:41:34 | 000,000,946 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
    [2014/05/22 10:40:40 | 000,000,025 | ---- | C] () -- C:\Windows\CDETX300F.ini
    [2014/05/14 10:54:44 | 000,387,210 | ---- | C] () -- C:\Windows\System32\ApnDatabase.xml
    [2014/05/14 10:47:47 | 000,081,975 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
    [2014/05/14 10:47:20 | 000,262,335 | ---- | C] () -- C:\Windows\System32\dfpinc.dat
    [2014/05/14 10:46:58 | 000,024,518 | ---- | C] () -- C:\Windows\System32\systemsflm.ebd
    [2014/05/14 10:45:24 | 000,002,255 | ---- | C] () -- C:\Windows\System32\WimBootCompress.ini
    [2014/05/14 10:44:23 | 000,100,197 | ---- | C] () -- C:\Windows\System32\RacRules.xml
    [2014/05/14 10:44:22 | 000,007,762 | ---- | C] () -- C:\Windows\System32\connectedsearch-suggestions.searchconnector-ms
    [2014/05/14 10:44:22 | 000,007,130 | ---- | C] () -- C:\Windows\System32\connectedsearch-zeroinput.searchconnector-ms
    [2014/05/14 10:44:08 | 000,011,109 | ---- | C] () -- C:\Windows\System32\connectedsearch-results.searchconnector-ms
    [2014/05/14 10:44:04 | 000,050,053 | ---- | C] () -- C:\Windows\System32\srms.dat
    [2014/05/14 10:43:59 | 000,002,440 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
    [2014/05/05 16:56:19 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
    [2014/04/15 15:02:30 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLec.DAT
    [2014/04/13 13:05:24 | 000,012,855 | ---- | C] () -- C:\Windows\wininit.ini
    [2014/04/10 12:27:07 | 000,103,936 | ---- | C] () -- C:\Windows\System32\OEMLicense.dll
    [2014/04/08 20:14:53 | 000,000,143 | ---- | C] () -- C:\Windows\QUICKEN.INI
    [2014/04/08 19:14:52 | 000,180,632 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2014/04/08 19:14:52 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2014/04/08 18:26:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2014/04/08 18:26:14 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2013/08/22 18:19:09 | 000,734,492 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2013/08/22 18:19:09 | 000,296,742 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2013/08/22 18:19:09 | 000,139,412 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2013/08/22 18:19:09 | 000,033,362 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2013/08/22 18:17:31 | 000,000,389 | ---- | C] () -- C:\Windows\System32\AutoWorkplace.exe.config
    [2013/08/22 18:17:30 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2013/08/22 18:17:29 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2013/08/22 17:24:03 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2013/08/22 17:22:45 | 000,381,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2013/08/22 13:33:54 | 000,073,216 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2013/08/22 13:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2013/08/22 09:57:03 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2013/08/22 09:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2013/08/22 09:52:35 | 001,520,828 | ---- | C] () -- C:\Windows\System32\WpcNBModel.bin
    [2013/08/22 09:52:35 | 000,526,068 | ---- | C] () -- C:\Windows\System32\staticurllist.bin
    [2013/08/22 09:50:57 | 000,008,192 | ---- | C] () -- C:\Windows\System32\settings.dat
    [2012/09/14 09:22:08 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
    [2012/09/14 09:22:08 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
    [2012/09/14 09:22:08 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT

    ========== ZeroAccess Check ==========

    [2014/04/08 18:47:43 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 17:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 12:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2013/08/22 12:42:12 | 000,390,144 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2014/04/08 19:16:50 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\AVAST Software
    [2014/05/22 11:27:57 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\EPSON
    [2014/04/15 15:00:58 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Nikon
    [2014/05/30 18:43:05 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\QuickScan
    [2014/06/01 19:06:28 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Safer Networking

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 220 bytes -> C:\Users\Nick\SkyDrive:ms-properties
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

    < End of report >

  9. #9
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Just some leftovers to remove

    Open OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :OTL
      IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001\..\SearchScopes\EDD407FE541A4E1198E2AB19DED0A247: "URL" = http://search.conduit.com/Results.aspx?gd=&ctid=CT3323744&octid=EB_ORIGINAL_CTID&ISID=M39DF27B2-6BE5-4B18-A5CA-6501BB1D6864&SearchSource=58&CUI=&UM=5&UP=SP9444CE26-BA51-4431-A291-4156580B5FF7&q={searchTerms}&SSPV=
      IE - HKU\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\EDD407FE541A4E1198E2AB19DED0A247: "URL" = http://search.conduit.com/Results.aspx?gd=&ctid=CT3323744&octid=EB_ORIGINAL_CTID&ISID=M39DF27B2-6BE5-4B18-A5CA-6501BB1D6864&SearchSource=58&CUI=&UM=5&UP=SP9444CE26-BA51-4431-A291-4156580B5FF7&q={searchTerms}&SSPV=
      CHR - default_search_provider: qone8 (Enabled)
      CHR - default_search_provider: search_url = http://www.qone8.com/web/?type=ds&ts=1401438765&from=vtt&uid=MAXTORXSTM3250310AS_6RY8SDB9XXXX6RY8SDB9&q={searchTerms}
      
      
      :Services
      
      :Reg
      
      :Files
      C:\Windows\System32\SearchDonkey.E3E38E2B3C8C.2.6.80.dll
      ipconfig /flushdns /c
      
      
      :Commands
      [purity]
      [resethosts]
      [EMPTYJAVA] 
      [emptytemp]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top. <--Not run Scan
    • Let the program run unhindered, reboot when it is done
    • Then post the results of the log it produces


    Then run a new scan with OTL and post the new log please
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  10. #10
    Junior Member
    Join Date
    Jun 2014
    Posts
    7

    Ken,

    Fix results:

    All processes killed
    ========== OTL ==========
    Registry key HKEY_USERS\S-1-5-21-2683175902-963029523-2157096801-1001\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
    Registry key HKEY_USERS\S-1-5-21-2683175902-963029523-2157096801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}\ not found.
    Use Chrome's Settings page to remove the default_search_provider items.
    Use Chrome's Settings page to remove the default_search_provider items.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    C:\Windows\System32\SearchDonkey.E3E38E2B3C8C.2.6.80.dll moved successfully.
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\Nick\Downloads\cmd.bat deleted successfully.
    C:\Users\Nick\Downloads\cmd.txt deleted successfully.
    ========== COMMANDS ==========
    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: Nick

    User: Public

    Total Java Files Cleaned = 0.00 mb


    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Nick
    ->Temp folder emptied: 45245698 bytes
    ->Temporary Internet Files folder emptied: 44736260 bytes
    ->FireFox cache emptied: 89204631 bytes
    ->Google Chrome cache emptied: 6267433 bytes
    ->Flash cache emptied: 916 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 4113546 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 42 bytes
    RecycleBin emptied: 1443359206 bytes

    Total Files Cleaned = 1,557.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 06052014_130548

    Files\Folders moved on Reboot...
    File move failed. C:\Users\Nick\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.
    File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...


    And Rescan:

    OTL logfile created on: 5/06/2014 3:11:43 PM - Run 3
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nick\Downloads
    An unknown product (Version = 6.2.9200) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17031)
    Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

    2.00 Gb Total Physical Memory | 1.19 Gb Available Physical Memory | 59.69% Memory free
    2.94 Gb Paging File | 1.74 Gb Available in Paging File | 59.30% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 232.88 Gb Total Space | 129.33 Gb Free Space | 55.54% Space Free | Partition Type: NTFS
    Drive E: | 1863.02 Gb Total Space | 1432.20 Gb Free Space | 76.88% Space Free | Partition Type: NTFS

    Computer Name: NICKSPC | User Name: Nick | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Nick\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
    PRC - C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x86__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation)
    PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    PRC - C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x86__8wekyb3d8bbwe\glcnd.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\SkyDrive.exe (Microsoft Corporation)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\taskhostex.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\dasHost.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
    PRC - C:\Windows\System32\RuntimeBroker.exe (Microsoft Corporation)
    PRC - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
    MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
    MOD - C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
    MOD - C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ()


    ========== Services (SafeList) ==========

    SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
    SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
    SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
    SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
    SRV - (MBAMService) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
    SRV - (AppXSvc) -- C:\Windows\System32\AppXDeploymentServer.dll (Microsoft Corporation)
    SRV - (AudioEndpointBuilder) -- C:\Windows\System32\AudioEndpointBuilder.dll (Microsoft Corporation)
    SRV - (WSService) -- C:\Windows\System32\WSService.dll (Microsoft Corporation)
    SRV - (Wcmsvc) -- C:\Windows\System32\wcmsvc.dll (Microsoft Corporation)
    SRV - (DeviceAssociationService) -- C:\Windows\System32\das.dll (Microsoft Corporation)
    SRV - (BrokerInfrastructure) -- C:\Windows\System32\bisrv.dll (Microsoft Corporation)
    SRV - (wlidsvc) -- C:\Windows\System32\wlidsvc.dll (Microsoft Corporation)
    SRV - (LSM) -- C:\Windows\System32\lsm.dll (Microsoft Corporation)
    SRV - (AppReadiness) -- C:\Windows\System32\AppReadiness.dll (Microsoft Corporation)
    SRV - (SystemEventsBroker) -- C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation)
    SRV - (workfolderssvc) -- C:\Windows\System32\workfolderssvc.dll (Microsoft Corporation)
    SRV - (lfsvc) -- C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation)
    SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
    SRV - (PrintNotify) -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll (Microsoft Corporation)
    SRV - (WEPHOSTSVC) -- C:\Windows\System32\wephostsvc.dll (Microsoft Corporation)
    SRV - (EFS) -- C:\Windows\System32\efssvc.dll (Microsoft Corporation)
    SRV - (WiaRpc) -- C:\Windows\System32\wiarpc.dll (Microsoft Corporation)
    SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
    SRV - (svsvc) -- C:\Windows\System32\svsvc.dll (Microsoft Corporation)
    SRV - (fhsvc) -- C:\Windows\System32\fhsvc.dll (Microsoft Corporation)
    SRV - (NcaSvc) -- C:\Windows\System32\NcaSvc.dll (Microsoft Corporation)
    SRV - (vmicvss) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmictimesync) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmicshutdown) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmicrdv) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmickvpexchange) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmicheartbeat) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (vmicguestinterface) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation)
    SRV - (smphost) -- C:\Windows\System32\smphost.dll (Microsoft Corporation)
    SRV - (ScDeviceEnum) -- C:\Windows\System32\ScDeviceEnum.dll (Microsoft Corporation)
    SRV - (KeyIso) -- C:\Windows\System32\keyiso.dll (Microsoft Corporation)
    SRV - (TimeBroker) -- C:\Windows\System32\TimeBrokerServer.dll (Microsoft Corporation)
    SRV - (netprofm) -- C:\Windows\System32\netprofmsvc.dll (Microsoft Corporation)
    SRV - (NcbService) -- C:\Windows\System32\ncbservice.dll (Microsoft Corporation)
    SRV - (VaultSvc) -- C:\Windows\System32\vaultsvc.dll (Microsoft Corporation)
    SRV - (DsmSvc) -- C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation)
    SRV - (NcdAutoSetup) -- C:\Windows\System32\NcdAutoSetup.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (MBAMSwissArmy) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
    DRV - (mbamchameleon) -- C:\Windows\System32\Drivers\mbamchameleon.sys (Malwarebytes Corporation)
    DRV - (aswSnx) -- C:\Windows\System32\Drivers\aswsnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\Windows\System32\Drivers\aswsp.sys (AVAST Software)
    DRV - (aswStm) -- C:\Windows\System32\Drivers\aswstm.sys (AVAST Software)
    DRV - (MBAMWebAccessControl) -- C:\Windows\System32\Drivers\mwac.sys (Malwarebytes Corporation)
    DRV - (MBAMProtector) -- C:\Windows\System32\Drivers\mbam.sys (Malwarebytes Corporation)
    DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
    DRV - (aswRdr) -- C:\Windows\System32\Drivers\aswRdr2.sys (AVAST Software)
    DRV - (aswMonFlt) -- C:\Windows\System32\Drivers\aswMonFlt.sys (AVAST Software)
    DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
    DRV - (aswHwid) -- C:\Windows\System32\Drivers\aswHwid.sys ()
    DRV - (wStLibG) -- C:\Windows\System32\Drivers\wStLibG.sys (StdLib)
    DRV - (WdFilter) -- C:\Windows\System32\Drivers\WdFilter.sys (Microsoft Corporation)
    DRV - (WdNisDrv) -- C:\Windows\System32\Drivers\WdNisDrv.sys (Microsoft Corporation)
    DRV - (WdBoot) -- C:\Windows\System32\Drivers\WdBoot.sys (Microsoft Corporation)
    DRV - (CLFS) -- C:\Windows\System32\Drivers\clfs.sys (Microsoft Corporation)
    DRV - (Wof) -- C:\Windows\System32\drivers\wof.sys (Microsoft Corporation)
    DRV - (USBHUB3) -- C:\Windows\System32\Drivers\USBHUB3.SYS (Microsoft Corporation)
    DRV - (WFPLWFS) -- C:\Windows\System32\Drivers\wfplwfs.sys (Microsoft Corporation)
    DRV - (USBXHCI) -- C:\Windows\System32\Drivers\USBXHCI.SYS (Microsoft Corporation)
    DRV - (spaceport) -- C:\Windows\System32\Drivers\spaceport.sys (Microsoft Corporation)
    DRV - (UCX01000) -- C:\Windows\System32\Drivers\UCX01000.SYS (Microsoft Corporation)
    DRV - (sdstor) -- C:\Windows\System32\Drivers\sdstor.sys (Microsoft Corporation)
    DRV - (GPIOClx0101) -- C:\Windows\System32\Drivers\msgpioclx.sys (Microsoft Corporation)
    DRV - (wpcfltr) -- C:\Windows\System32\Drivers\wpcfltr.sys (Microsoft Corporation)
    DRV - (BasicRender) -- C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation)
    DRV - (intelpep) -- C:\Windows\System32\Drivers\intelpep.sys (Microsoft Corporation)
    DRV - (pdc) -- C:\Windows\System32\Drivers\pdc.sys (Microsoft Corporation)
    DRV - (SerCx2) -- C:\Windows\System32\Drivers\SerCx2.sys (Microsoft Corporation)
    DRV - (stornvme) -- C:\Windows\System32\Drivers\stornvme.sys (Microsoft Corporation)
    DRV - (VerifierExt) -- C:\Windows\System32\Drivers\VerifierExt.sys (Microsoft Corporation)
    DRV - (RdpVideoMiniport) -- C:\Windows\System32\Drivers\rdpvideominiport.sys (Microsoft Corporation)
    DRV - (terminpt) -- C:\Windows\System32\Drivers\terminpt.sys (Microsoft Corporation)
    DRV - (condrv) -- C:\Windows\System32\Drivers\condrv.sys (Microsoft Corporation)
    DRV - (dam) -- C:\Windows\System32\Drivers\dam.sys (Microsoft Corporation)
    DRV - (acpiex) -- C:\Windows\System32\Drivers\acpiex.sys (Microsoft Corporation)
    DRV - (TPM) -- C:\Windows\System32\Drivers\tpm.sys (Microsoft Corporation)
    DRV - (mvumis) -- C:\Windows\System32\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
    DRV - (msgpiowin32) -- C:\Windows\System32\Drivers\msgpiowin32.sys (Microsoft Corporation)
    DRV - (LSI_SAS3) -- C:\Windows\System32\Drivers\lsi_sas3.sys (LSI Corporation)
    DRV - (LSI_SSS) -- C:\Windows\System32\Drivers\lsi_sss.sys (LSI Corporation)
    DRV - (3ware) -- C:\Windows\System32\Drivers\3ware.sys (LSI)
    DRV - (ADP80XX) -- C:\Windows\System32\Drivers\adp80xx.sys (PMC-Sierra)
    DRV - (EhStorTcgDrv) -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
    DRV - (EhStorClass) -- C:\Windows\System32\Drivers\EhStorClass.sys (Microsoft Corporation)
    DRV - (VSTXRAID) -- C:\Windows\System32\Drivers\VSTXRAID.SYS (VIA Corporation)
    DRV - (storahci) -- C:\Windows\System32\Drivers\storahci.sys (Microsoft Corporation)
    DRV - (SpbCx) -- C:\Windows\System32\Drivers\SpbCx.sys (Microsoft Corporation)
    DRV - (SerCx) -- C:\Windows\System32\Drivers\SerCx.sys (Microsoft Corporation)
    DRV - (UASPStor) -- C:\Windows\System32\Drivers\uaspstor.sys (Microsoft Corporation)
    DRV - (cnghwassist) -- C:\Windows\System32\Drivers\cnghwassist.sys (Microsoft Corporation)
    DRV - (UEFI) -- C:\Windows\System32\Drivers\uefi.sys (Microsoft Corporation)
    DRV - (WpdUpFltr) -- C:\Windows\System32\Drivers\WpdUpFltr.sys (Microsoft Corporation)
    DRV - (vmbus) -- C:\Windows\System32\Drivers\vmbus.sys (Microsoft Corporation)
    DRV - (storflt) -- C:\Windows\System32\Drivers\vmstorfl.sys (Microsoft Corporation)
    DRV - (storvsc) -- C:\Windows\System32\Drivers\storvsc.sys (Microsoft Corporation)
    DRV - (ahcache) -- C:\Windows\System32\Drivers\ahcache.sys (Microsoft Corporation)
    DRV - (BasicDisplay) -- C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation)
    DRV - (HyperVideo) -- C:\Windows\System32\Drivers\HyperVideo.sys (Microsoft Corporation)
    DRV - (mshidumdf) -- C:\Windows\System32\Drivers\mshidumdf.sys (Microsoft Corporation)
    DRV - (acpitime) -- C:\Windows\System32\Drivers\acpitime.sys (Microsoft Corporation)
    DRV - (acpipagr) -- C:\Windows\System32\Drivers\acpipagr.sys (Microsoft Corporation)
    DRV - (npsvctrig) -- C:\Windows\System32\Drivers\npsvctrig.sys (Microsoft Corporation)
    DRV - (BthAvrcpTg) -- C:\Windows\System32\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
    DRV - (kdnic) -- C:\Windows\System32\Drivers\kdnic.sys (Microsoft Corporation)
    DRV - (s3cap) -- C:\Windows\System32\Drivers\vms3cap.sys (Microsoft Corporation)
    DRV - (gencounter) -- C:\Windows\System32\Drivers\vmgencounter.sys (Microsoft Corporation)
    DRV - (bthhfhid) -- C:\Windows\System32\Drivers\BthhfHid.sys (Microsoft Corporation)
    DRV - (BthHFEnum) -- C:\Windows\System32\Drivers\bthhfenum.sys (Microsoft Corporation)
    DRV - (TsUsbGD) -- C:\Windows\System32\Drivers\TsUsbGD.sys (Microsoft Corporation)
    DRV - (hyperkbd) -- C:\Windows\System32\Drivers\hyperkbd.sys (Microsoft Corporation)
    DRV - (TsUsbFlt) -- C:\Windows\System32\Drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV - (hidi2c) -- C:\Windows\System32\Drivers\hidi2c.sys (Microsoft Corporation)
    DRV - (VMBusHID) -- C:\Windows\System32\Drivers\VMBusHID.sys (Microsoft Corporation)
    DRV - (dmvsc) -- C:\Windows\System32\Drivers\dmvsc.sys (Microsoft Corporation)
    DRV - (netvsc) -- C:\Windows\System32\Drivers\netvsc63.sys (Microsoft Corporation)
    DRV - (NdisVirtualBus) -- C:\Windows\System32\Drivers\NdisVirtualBus.sys (Microsoft Corporation)
    DRV - (NdisImPlatform) -- C:\Windows\System32\Drivers\NdisImPlatform.sys (Microsoft Corporation)
    DRV - (MsLldp) -- C:\Windows\System32\Drivers\mslldp.sys (Microsoft Corporation)
    DRV - (Ndu) -- C:\Windows\System32\Drivers\Ndu.sys (Microsoft Corporation)
    DRV - (FxPPM) -- C:\Windows\System32\Drivers\fxppm.sys (Microsoft Corporation)
    DRV - (bcmfn2) -- C:\Windows\System32\Drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
    DRV - (iaStorAV) -- C:\Windows\System32\Drivers\iaStorAV.sys (Intel Corporation)
    DRV - (iaioi2c) -- C:\Windows\System32\Drivers\iaioi2c.sys (Intel Corporation)
    DRV - (GPIO) -- C:\Windows\System32\Drivers\iaiogpio.sys (Intel Corporation)
    DRV - (RTL8168) -- C:\Windows\System32\Drivers\Rt630x86.sys (Realtek )
    DRV - (amdkmdap) -- C:\Windows\System32\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
    DRV - (amdkmdag) -- C:\Windows\System32\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
    DRV - (WDC_SAM) -- C:\Windows\System32\Drivers\wdcsam.sys (Western Digital Technologies)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceL...FManageAccount
    IE - HKCU\..\SearchScopes,DefaultScope =
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKCU\..\SearchScopes\EDD407FE541A4E1198E2AB19DED0A247: "URL" = http://search.conduit.com/Results.aspx?gd=&ctid=CT3323744&octid=EB_ORIGINAL_CTID&ISID=M39DF27B2-6BE5-4B18-A5CA-6501BB1D6864&SearchSource=58&CUI=&UM=5&UP=SP9444CE26-BA51-4431-A291-4156580B5FF7&q={searchTerms}&SSPV=
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.suggest.enabled: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2018.95
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/05/05 16:56:18 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2014/05/30 18:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\mozilla\Extensions
    [2014/06/01 17:53:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\mozilla\Firefox\Profiles\kddnq5x6.default\extensions
    [2014/05/10 12:01:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
    [2014/05/10 12:01:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2014/05/05 16:56:18 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

    ========== Chrome ==========

    CHR - default_search_provider: qone8 (Enabled)
    CHR - default_search_provider: search_url = http://www.qone8.com/web/?type=ds&ts=1401438765&from=vtt&uid=MAXTORXSTM3250310AS_6RY8SDB9XXXX6RY8SDB9&q={searchTerms}
    CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&form=BDT3DF&PC=BDT3,
    CHR - plugin: Error reading preferences file
    CHR - Extension: avast! Online Security = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
    CHR - Extension: Google Wallet = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\

    O1 HOSTS File: ([2014/06/05 13:05:57 | 000,000,098 | ---- | M]) - C:\Windows\System32\Drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [EPSON Stylus Office TX300F] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEJP.EXE (SEIKO EPSON CORPORATION)
    O4 - HKCU..\Run: [OutfoxTV] C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe File not found
    O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 61.9.134.49 61.9.133.193
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17BAE6C7-573A-4966-AD08-D3FA2746AFB7}: DhcpNameServer = 61.9.134.49 61.9.133.193
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2013/08/22 18:16:34 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2010/07/30 06:52:30 | 000,000,035 | ---- | M] () - E:\Autorun.inf -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (sdnclean.exe)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/06/05 13:05:48 | 000,000,000 | ---D | C] -- C:\_OTL
    [2014/06/02 12:10:01 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2014/06/02 09:14:14 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
    [2014/06/02 09:12:39 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/06/01 22:01:10 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    [2014/06/01 22:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    [2014/06/01 22:00:26 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
    [2014/06/01 22:00:26 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
    [2014/06/01 22:00:26 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2014/06/01 22:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
    [2014/06/01 22:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014/06/01 19:06:28 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Safer Networking
    [2014/06/01 19:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
    [2014/06/01 19:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\Safer Networking
    [2014/06/01 16:07:17 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\ElevatedDiagnostics
    [2014/06/01 16:06:31 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\Diagnostics
    [2014/06/01 12:59:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
    [2014/05/30 18:43:05 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\QuickScan
    [2014/05/30 18:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2014/05/22 11:49:19 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Google
    [2014/05/22 11:46:46 | 000,000,000 | -HSD | C] -- C:\Users\Nick\AppData\Local\EmieUserList
    [2014/05/22 11:46:46 | 000,000,000 | -HSD | C] -- C:\Users\Nick\AppData\Local\EmieSiteList
    [2014/05/22 11:37:21 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
    [2014/05/22 11:37:19 | 000,078,848 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BEJP.DLL
    [2014/05/22 11:27:56 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\EPSON
    [2014/05/22 11:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
    [2014/05/22 11:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
    [2014/05/22 11:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
    [2014/05/22 11:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
    [2014/05/22 11:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 6.0 Sprint
    [2014/05/22 10:46:51 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK2.dll
    [2014/05/22 10:46:51 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EpPicPrt.dll
    [2014/05/22 10:46:51 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICEntry.dll
    [2014/05/22 10:46:51 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK.dll
    [2014/05/22 10:46:51 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EPPicMgr.dll
    [2014/05/22 10:46:48 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\InstallShield
    [2014/05/22 10:42:06 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBEJP.DLL
    [2014/05/22 10:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
