Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
Hello.
A month or two ago, my computer picked up some kind of spyware/malware and caused all kinds of problems at the time. I used Malwarebytes and Avira to get rid of the most serious problems, but Internet Explorer has not worked since then. I have been using Mozilla Firefox as my browser. Every once in a while, I will notice some minor problems with my computer so I have to believe that my computer is still being affected by the remnants of whatever malware got into my system. I would really like to get IE back as well. It will not load the homepage or any page.
Thanks
Here is the OTL scan.
OTL logfile created on: 2/3/2014 1:10:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ken\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 13.27 Gb Available Physical Memory | 83.08% Memory free
31.95 Gb Paging File | 28.62 Gb Available in Paging File | 89.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.24 Gb Total Space | 30.03 Gb Free Space | 25.18% Space Free | Partition Type: NTFS
Drive L: | 931.51 Gb Total Space | 860.47 Gb Free Space | 92.37% Space Free | Partition Type: NTFS
Computer Name: KEN-PC | User Name: Ken | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/02/03 13:10:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ken\Desktop\OTL.exe
PRC - [2014/01/28 18:59:18 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
PRC - [2014/01/02 18:32:12 | 033,508,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ken\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/12/21 21:21:56 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013/12/21 21:21:19 | 001,032,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2013/12/21 21:21:13 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/11/26 13:16:36 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/09/20 14:12:52 | 009,837,056 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
PRC - [2013/09/20 14:12:52 | 009,828,864 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
PRC - [2013/09/20 14:12:52 | 000,103,936 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
PRC - [2013/02/01 12:22:34 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
========== Modules (No Company Name) ==========
MOD - [2014/02/03 09:37:40 | 000,041,984 | ---- | M] () -- c:\Users\Ken\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_od2kh.dll
MOD - [2014/01/28 18:59:18 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
MOD - [2013/12/17 20:25:54 | 003,610,624 | ---- | M] () -- C:\Users\Ken\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/10/18 17:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Ken\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/09/20 13:50:06 | 000,988,160 | ---- | M] () -- C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
MOD - [2013/09/17 04:54:38 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
MOD - [2013/02/01 12:22:37 | 003,023,256 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/11/26 03:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2014/01/28 18:59:18 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/21 21:21:56 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/12/21 21:21:22 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/26 13:16:36 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/09/20 19:03:26 | 000,807,800 | ---- | M] (Spigot, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/10/23 03:47:48 | 002,848,168 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/12/21 21:22:02 | 000,131,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013/12/21 21:22:02 | 000,108,440 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013/11/26 13:17:21 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/01/06 17:20:00 | 000,676,864 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {16237AD1-B295-45C7-9F39-951CA524F33B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 8C 7D C6 98 0B CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - SOFTWARE\Classes\CLSID\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,DefaultScope = {032BA77B-A9AA-4A05-99D5-AAEA58862784}
IE - HKCU\..\SearchScopes\{032BA77B-A9AA-4A05-99D5-AAEA58862784}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{16237AD1-B295-45C7-9F39-951CA524F33B}: "URL" = http://search.condui...2211197136&UM=2
IE - HKCU\..\SearchScopes\{5DC88221-4520-4FAE-BEFB-FDFA91B1F715}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..CT3287811.browser.search.defaultthis.engineName: "true"
FF - prefs.js..CT3298566.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...s}&sspv=TB_CNI"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..keyword.URL: "http://search.yahoo....type=219247&p="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Ken\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\tdameritrade.com/tossc: C:\Program Files (x86)\thinkTDA\nptossc.dll (TD Ameritrade)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.3.0.11
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\linksicle@linksicle.com: C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/07 17:14:54 | 000,000,000 | ---D | M]
[2013/02/15 10:49:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ken\AppData\Roaming\Mozilla\Extensions
[2014/02/02 09:24:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\1bhvuexe.default\extensions
[2013/12/05 21:47:33 | 000,000,000 | ---D | M] (MixiDJ V30) -- C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\1bhvuexe.default\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
[2013/11/12 14:34:26 | 000,000,000 | ---D | M] (VisualBee V.12) -- C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\1bhvuexe.default\extensions\{53c4024f-5a2e-4f2a-b33e-e8784d730938}
[2014/01/14 15:17:04 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\1bhvuexe.default\extensions\emily@wilford.biz
[2014/01/10 13:49:06 | 000,007,494 | ---- | M] () (No name found) -- C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\1bhvuexe.default\extensions\firefox@albrechto.co.xpi
[2013/12/05 21:47:33 | 000,001,029 | ---- | M] () -- C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\1bhvuexe.default\searchplugins\conduit.xml
[2013/10/02 12:51:39 | 000,000,905 | ---- | M] () -- C:\Users\Ken\AppData\Roaming\Mozilla\Firefox\Profiles\1bhvuexe.default\searchplugins\yahoo_ff.xml
[2013/12/05 20:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/01/14 15:24:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/02/01 12:22:53 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/02/01 12:22:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/07/04 18:43:58 | 000,003,724 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
[2013/02/19 22:02:32 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Yahoo (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...={searchTerms},
CHR - homepage: http://search.condui...2972165128&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.22.5.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.22.5.10_0\plugins/np-cwmp.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.22.5.10_0\search/plugins/npConduitNewTabPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\Ken\AppData\Roaming\Mozilla\plugins\npatgpc.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: tossc (Enabled) = C:\Program Files (x86)\thinkTDA\nptossc.dll
CHR - plugin: Citrix Online Web Deployment Plugin 1.0.0.104 (Enabled) = C:\Users\Ken\AppData\Local\Citrix\Plugins\104\npappdetector.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Readium = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl\0.9.1_0\
CHR - Extension: Google Wallet = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/07/04 14:39:20 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Ken\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.we...br/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB913DE5-D8A3-4649-9A8B-07C3D329ED61}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/12/06 18:36:58 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/02/03 13:10:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ken\Desktop\OTL.exe
[2014/02/02 09:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/01 23:42:27 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Local\Apps
[2014/02/01 23:02:33 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Local\Adobe_Systems_Incorporate
[2014/02/01 12:57:07 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\Media Player Classic
[2014/01/31 14:22:39 | 000,000,000 | ---D | C] -- C:\Users\Ken\KooBits4
[2014/01/31 14:22:39 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\koobits.koobits4.com
[2014/01/31 14:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2014/01/31 13:53:48 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\Sony Corporation
[2014/01/31 13:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2014/01/31 13:53:48 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Local\kinoma
[2014/01/31 13:53:11 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Local\Sony Corporation
[2014/01/26 20:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/25 23:52:57 | 000,000,000 | R--D | C] -- C:\Users\Ken\Dropbox
[2014/01/25 23:52:21 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\DropboxMaster
[2014/01/25 23:52:13 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014/01/25 23:52:01 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\Dropbox
[2014/01/25 23:51:35 | 037,660,568 | ---- | C] (Dropbox, Inc.) -- C:\Users\Ken\Desktop\Dropbox 2.6.2.exe
[2014/01/15 11:06:15 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/01/15 11:06:15 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/15 11:06:15 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/14 20:46:11 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\Amazon
[2014/01/14 20:46:10 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Local\webkit
[2014/01/14 20:44:36 | 000,000,000 | ---D | C] -- C:\Users\Ken\Desktop\No-1-Market-Top-Secret-10012014-MOBI
[2014/01/14 20:40:59 | 000,000,000 | ---D | C] -- C:\Users\Ken\.kindle
[2014/01/14 20:40:26 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2014/01/14 20:40:07 | 000,000,000 | ---D | C] -- C:\Users\Ken\Desktop\Kindle Previewer
[2014/01/14 15:22:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/01/14 15:22:16 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\calibre
[2014/01/14 15:17:03 | 000,000,000 | ---D | C] -- C:\Users\Ken\AppData\Roaming\MyWordTool
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/02/03 13:10:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ken\Desktop\OTL.exe
[2014/02/03 12:54:08 | 000,000,095 | -H-- | M] () -- C:\Users\Ken\Desktop\.~lock.AutotraderNinja.odt#
[2014/02/03 12:41:13 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/03 12:41:13 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/03 12:41:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/03 09:44:52 | 000,022,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/03 09:44:52 | 000,022,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/03 09:42:07 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/03 09:42:07 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/03 09:42:07 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/03 09:37:40 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/03 09:37:36 | 4276,785,150 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/03 01:21:59 | 000,020,461 | ---- | M] () -- C:\Users\Ken\Desktop\AutotraderNinja.odt
[2014/02/02 21:46:59 | 002,077,911 | ---- | M] () -- C:\Users\Ken\Desktop\Ken Bragg Timesheet.jpg
[2014/02/02 12:42:58 | 000,002,293 | ---- | M] () -- C:\Users\Ken\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/02 08:42:56 | 000,310,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/02/02 00:03:48 | 000,000,017 | ---- | M] () -- C:\Users\Ken\AppData\Local\resmon.resmoncfg
[2014/01/28 18:59:18 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/28 18:59:18 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/25 23:52:57 | 000,001,009 | ---- | M] () -- C:\Users\Ken\Desktop\Dropbox.lnk
[2014/01/25 23:52:23 | 000,001,019 | ---- | M] () -- C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/25 23:51:46 | 037,660,568 | ---- | M] (Dropbox, Inc.) -- C:\Users\Ken\Desktop\Dropbox 2.6.2.exe
[2014/01/22 00:43:01 | 000,022,741 | ---- | M] () -- C:\Users\Ken\Documents\Dr. Gumm.odt
[2014/01/14 20:44:04 | 009,275,071 | ---- | M] () -- C:\Users\Ken\Desktop\No-1-Market-Top-Secret-10012014-MOBI.zip
[2014/01/14 20:36:02 | 000,126,629 | ---- | M] () -- C:\Users\Ken\Desktop\Instructions.pdf
[2014/01/09 14:14:29 | 004,034,443 | ---- | M] () -- C:\Users\Ken\Desktop\No 1 Market Top Secret 10012014.epub
[2014/01/09 14:14:29 | 004,034,443 | ---- | M] () -- C:\Users\Ken\Desktop\EpubNo 1 Market Top Secret 10012014.epub
[2014/01/09 14:12:23 | 012,004,110 | ---- | M] () -- C:\Users\Ken\Desktop\No 1 Market Top Secret 10012014.mobi
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/02/03 12:54:08 | 000,000,095 | -H-- | C] () -- C:\Users\Ken\Desktop\.~lock.AutotraderNinja.odt#
[2014/02/02 21:56:18 | 000,020,461 | ---- | C] () -- C:\Users\Ken\Desktop\AutotraderNinja.odt
[2014/02/02 09:31:35 | 000,002,293 | ---- | C] () -- C:\Users\Ken\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/02/02 09:31:12 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/02 09:31:12 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/02 08:58:49 | 009,275,071 | ---- | C] () -- C:\Users\Ken\Desktop\No-1-Market-Top-Secret-10012014-MOBI.zip
[2014/02/02 00:03:48 | 000,000,017 | ---- | C] () -- C:\Users\Ken\AppData\Local\resmon.resmoncfg
[2014/01/25 23:58:06 | 012,004,110 | ---- | C] () -- C:\Users\Ken\Desktop\No 1 Market Top Secret 10012014.mobi
[2014/01/25 23:57:52 | 004,034,443 | ---- | C] () -- C:\Users\Ken\Desktop\EpubNo 1 Market Top Secret 10012014.epub
[2014/01/25 23:53:09 | 004,034,443 | ---- | C] () -- C:\Users\Ken\Desktop\No 1 Market Top Secret 10012014.epub
[2014/01/25 23:52:57 | 000,001,009 | ---- | C] () -- C:\Users\Ken\Desktop\Dropbox.lnk
[2014/01/25 23:52:23 | 000,001,019 | ---- | C] () -- C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/22 00:42:59 | 000,022,741 | ---- | C] () -- C:\Users\Ken\Documents\Dr. Gumm.odt
[2014/01/14 20:36:01 | 000,126,629 | ---- | C] () -- C:\Users\Ken\Desktop\Instructions.pdf
[2014/01/02 00:44:15 | 000,000,115 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/12/17 23:30:00 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\NtDirect.dll
[2013/06/29 12:27:01 | 000,000,113 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/04/25 08:55:41 | 000,772,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/04/23 15:20:38 | 000,000,320 | ---- | C] () -- C:\Users\Ken\AppData\Roaming\SEC508942.trad
[2013/04/23 15:20:33 | 000,000,043 | ---- | C] () -- C:\Windows\WALLSTRT.INI
[2013/04/22 20:26:55 | 000,004,867 | ---- | C] () -- C:\ProgramData\zkaxuuhr.pbi
[2013/03/27 14:17:13 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\TSD32.DLL
[2013/02/15 10:19:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Files - Unicode (All) ==========
[2013/09/21 15:15:14 | 098,547,399 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\牧欂豴
[2013/09/21 15:15:14 | 098,547,399 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\牧欂豴
< End of report >
Edited by baldingeagle, 03 February 2014 - 01:18 PM.
