ScorpionSaver reinstalls after removal

theredog · December 4, 2013

I picked this up from who knows where. Every time I remove it, it will reinstall itself. Tried to find all of it's components and delete but it still reinstalls. Quick search says it's not harmful but I don't want it.

Use Firefox, Windows 7, AGV Free and Malwarebytes. Can't figure out how to close AGV2014 to start runnig your recommended programs either.

It's been a long time since I've had to go through this and never on the dreaded Windows 7 with it's admin permission CRAP!

I use to go to G4 Tech Forum but they are gone. Pete C was a big help a few years ago.

Will you guys help me out?

theredog · December 4, 2013

Ran adwcleaner then malwarebytes quickscan. After adw was run agv popped up with threat. Repaired.

1st adw log

# AdwCleaner v3.014 - Report created 04/12/2013 at 04:49:36
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Redog
# Running from : D:\Libraries\Documents\Programs 2011\ScorpionSaver 12 2013\Malware Removal 12 2013 a\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : Level Quality Watcher

***** [ Files / Folders ] *****

File Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Found : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\Extensions\[email protected]
File Found : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\user.js
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Folder Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Folder Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Folder Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg
Folder Found C:\Program Files (x86)\BitTorrentBar
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\ConduitEngine
Folder Found C:\Program Files\Level Quality Watcher
Folder Found C:\ProgramData\eSafe
Folder Found C:\Users\Redog\AppData\Local\Conduit
Folder Found C:\Users\Redog\AppData\LocalLow\BitTorrentBar
Folder Found C:\Users\Redog\AppData\LocalLow\Conduit
Folder Found C:\Users\Redog\AppData\LocalLow\ConduitEngine

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\BitTorrentBar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\Software\BitTorrentBar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{233A9741-5665-421D-AA63-B562DD12F7A0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5ADE7C88-4DF7-4F3B-8482-5BE3C7DE6924}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB9E5B6-66DB-44D6-9F79-2EF9A9ACF2B4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_anydvd-hd_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_anydvd-hd_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\prefs.js ]

Line Found : user_pref("extensions.dynconff.cache.www.dosearches.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1524_1521\"><content id=\"MB_P1\">\r\n <newjs>\r\n <![CDATA[\r\n\r\n (function () [...]
Line Found : user_pref("extensions.dynconff.cache.www.dosearches.com.expires", "1384182198922");

-\\ Google Chrome v

[ File : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : search_url
Found : keyword
Found : urls_to_restore_on_startup
Found : homepage
Found : search_url
Found : urls_to_restore_on_startup
Found : homepage
Found : search_url
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [10568 octets] - [04/12/2013 04:49:36]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10629 octets] ##########

2nd adw log (after clean?)

# AdwCleaner v3.014 - Report created 04/12/2013 at 04:52:29
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Redog
# Running from : D:\Libraries\Documents\Programs 2011\ScorpionSaver 12 2013\Malware Removal 12 2013 a\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Level Quality Watcher

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\BitTorrentBar
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\Redog\AppData\Local\Conduit
Folder Deleted : C:\Users\Redog\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Redog\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Redog\AppData\LocalLow\BitTorrentBar
Folder Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Folder Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg
Folder Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
[!] Folder Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
File Deleted : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\Extensions\[email protected]
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
File Deleted : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\user.js
File Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_anydvd-hd_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_anydvd-hd_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{233A9741-5665-421D-AA63-B562DD12F7A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5ADE7C88-4DF7-4F3B-8482-5BE3C7DE6924}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB9E5B6-66DB-44D6-9F79-2EF9A9ACF2B4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\BitTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\prefs.js ]

Line Deleted : user_pref("extensions.dynconff.cache.www.dosearches.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1524_1521\"><content id=\"MB_P1\">\r\n <newjs>\r\n <![CDATA[\r\n\r\n (function () [...]
Line Deleted : user_pref("extensions.dynconff.cache.www.dosearches.com.expires", "1384182198922");

-\\ Google Chrome v

[ File : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [10750 octets] - [04/12/2013 04:49:36]
AdwCleaner[s0].txt - [8761 octets] - [04/12/2013 04:52:29]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8821 octets] ##########

Malwarebytes log

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.03.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Redog :: [administrator]

12/4/2013 4:59:10 AM
MBAM-log-2013-12-04 (05-09-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 261532
Time elapsed: 6 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg (PUP.Optional.ScorpionSaver) -> No action taken.

Files Detected: 0
(No malicious items detected)

(end)

flashh4 · December 4, 2013

Howdy Redog and welcome to BestTechie !!! I did Malware at G4 for 11 yrs. It was my home, but now this is my home & Welcome !!

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!

NEXT

MALWAREBYTES with Pics:

Please download Malwarebytes' Anti-Malware to your desktop.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.

When the scan is complete, click OK, then Show Results to view the results.

    * Then click Remove Selected .
    * When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    * Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    Or via the Logs tab when the application is started.

Please don't attach the scans / logs, use "copy/paste".

Post next:
1. Junkware Removal

2. Malwarebytes log

Thanks
Chuck

==========================

NEXT

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr

If you already have a copy of OTL delete it and use this version. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !

Post Next:
1. OTL.txt and Extras.txt (if a Extras.txt is produced)

Thanks
Chuck

========================================================================

WARNING

BitTorrentBar is a P2P program !

P2P Warning

There are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.
Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect to become infected & malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realise. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter http://www.fbi.gov/cyberinvest/cyberedletter.htm
File sharing infects 500,000 computers http://www.itpro.co.uk/195672/file-sharing-infects-500-000-computers
USAToday http://www.usatoday.com/tech/columnist/kimkomando/2006-04-13-file-sharing-woes_x.htm
infoworld http://www.infoworld.com/article/07/09/06/Seattle-man-arrested-for-p-to-p-ID-theft
Below are a few more articles on P2P that you may wish to read ....
http://www.us-cert.gov/cas/tips/ST05-007.html
http://www.fbi.gov/scams-safety/peertopeer/oeertopeer
http://www.benedelman.org/spyware/p2p/
http://www.pcworld.com/article/126230/i ... works.html

Either refrain from using this program or simply remove, i would remove it before you become infected with something that we may not be able to clean ! I have seen this happen. !!!

With that said how would you like to proceed ??

flashh4 · December 4, 2013

AVG disable :

The AVG software protects your computer on multiple levels. In case you need to disable all AVG components at once please follow the steps below:

Open the AVG Program.
On the Tools menu, click Advanced settings.
Click Temporarily disable AVG protection in the menu on the left side.
Select the Temporarily disable AVG protection check box, and then click OK.
Choose how long you want the protection to be disabled and whether to disable the Firewall as well, and then click Disable real-time protection.

theredog · December 4, 2013

Chuck, I'm a little confused on the Old Timer download. I just downloaded it from another link at BT yesterday. If you want me to delete that one, which one of the two links you provided do you want me to use? The last one ends in scr. What is scr?

Have over 200 Gb of movies from Kick Ass Torrents and I try to use the ones marked with a crown, which is supposed to mean it's safe to download.

I haven't been downloading for the last couple of months because the HDD is taking a crap (I think)

1TB second HDD does this now:

When I click on the HDD partition where movies and clips are located, the progress bar at the top never completes and when I click to a different drive and go back, every folder is white instead of the normal folder color. Also, I see the RAM usage continues to climb (Logitech gaming keyboard has a cpu/ram usage display.) Rebooting brings the computer back to normal.

Not ready to delete Bit Torrent just yet.

You said I have signs of one or more P2P programs. Pretty sure Bit Torrent is the only one installed.

I use Code Stuffer also.

theredog · December 4, 2013

Shouldn't I check the top three and remove? They weren't checked after the quick scan.

theredog · December 4, 2013

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by Redog on Wed 12/04/2013 at 10:58:57.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Users\Redog\AppData\Roaming\mozilla\firefox\profiles\ovc4b2qd.default\prefs.js

user_pref("extensions.alexa.demographics-session", "fNNaf1KOv900MH");
user_pref("extensions.alexa.session", "fNNaf1KOv900MH");

Emptied folder: C:\Users\Redog\AppData\Roaming\mozilla\firefox\profiles\ovc4b2qd.default\minidumps [127 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/04/2013 at 11:01:56.40
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

flashh4 · December 4, 2013

Either link is fine ! The logs will be the same !

P2P is just a warning speech that i use when i find a P2P program. JUST DO NOT USE IT WHILE WE ARE CHECKING THE COMPUTER !!

Most forums will not help you if you have a p2p installed until it is removed !!

Thanks

Chuck+

flashh4 · December 4, 2013

Yep on Malwarebytes found, that's in my instructions above !!

theredog · December 4, 2013

Here is the Malwarebytes log BEFORE rebooting

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.04.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Redog :: T00T1E_3564 [administrator]

12/4/2013 11:12:37 AM
mbam-log-2013-12-04 (11-12-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 262046
Time elapsed: 5 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\Temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\AdpeakProxy.dll (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

(end)

Next is OldTimer. . . . .

flashh4 · December 4, 2013

Red, Malwarebytes should take care of the scorpion thing !!

Did you re-boot after running Malwarebytes ???

Chuck

theredog · December 4, 2013

OTL logfile created on: 12/4/2013 11:51:26 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Libraries\Documents\Programs 2011\ScorpionSaver 12 2013
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.27 Gb Available Physical Memory | 71.14% Memory free
12.00 Gb Paging File | 10.13 Gb Available in Paging File | 84.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 78.53 Gb Total Space | 20.44 Gb Free Space | 26.03% Space Free | Partition Type: NTFS
Drive D: | 33.16 Gb Total Space | 6.06 Gb Free Space | 18.29% Space Free | Partition Type: NTFS
Drive F: | 4.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive J: | 635.25 Gb Total Space | 93.47 Gb Free Space | 14.71% Space Free | Partition Type: NTFS
Drive K: | 296.13 Gb Total Space | 92.21 Gb Free Space | 31.14% Space Free | Partition Type: NTFS

Computer Name: T00T1E_3564 | User Name: Redog | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/04 11:28:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Libraries\Documents\Programs 2011\ScorpionSaver 12 2013\OTL.com
PRC - [2013/11/20 06:32:52 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/03 08:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/11/20 07:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/07/14 03:00:00 | 000,032,240 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
PRC - [2009/12/23 16:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009/06/02 18:05:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe

========== Modules (No Company Name) ==========

MOD - [2013/11/20 06:32:51 | 003,363,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/11/21 11:45:48 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/01/04 21:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/28 05:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/06/05 16:42:04 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2013/11/20 06:32:52 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/03 08:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/13 18:34:11 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/11/14 04:16:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\Redog\AppData\Local\Temp\7zS4FC9\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/11/23 16:33:22 | 000,240,112 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010/07/16 05:48:26 | 000,354,288 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2010/07/16 05:48:04 | 001,099,248 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2010/07/14 03:00:00 | 000,032,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/23 16:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/02 18:05:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/27 19:24:18 | 000,175,480 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/10/01 21:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/01 15:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/14 01:28:51 | 000,530,488 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/05/03 20:40:19 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011/04/09 03:06:31 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2011/04/09 03:06:31 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2011/03/21 12:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/04 22:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/01/04 21:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/08/24 12:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/08/24 12:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010/04/20 14:59:02 | 000,024,560 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLBStor.sys -- (CLBStor)
DRV:64bit: - [2010/04/20 14:59:00 | 000,376,816 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\CLBUDF.sys -- (CLBUDF)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/09/28 08:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 19:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 19:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/07/13 19:06:40 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avcstrm.sys -- (AVCSTRM)
DRV:64bit: - [2009/07/13 19:06:39 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstape.sys -- (MSTAPE)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 16:42:04 | 000,475,136 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2009/06/02 00:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2009/06/02 00:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2009/06/02 00:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2009/05/25 03:38:20 | 000,966,144 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/05/14 08:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.duckduckgo.com/
IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\..\SearchScopes,DefaultScope = {497CB56E-0B4C-4008-B447-0F6A64A527C4}
IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\..\SearchScopes\{497CB56E-0B4C-4008-B447-0F6A64A527C4}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\..\SearchScopes\{76690B1D-8BEE-4907-AD75-C083F18D2404}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "DuckDuckGo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=714647"
FF - prefs.js..browser.search.selectedEngine: "DuckDuckGo"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://duckduckgo.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Redog\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Redog\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Redog\AppData\Roaming\IDM\idmmzcc5 [2013/11/28 19:54:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Social Privacy\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Redog\AppData\Roaming\IDM\idmmzcc5 [2013/11/28 19:54:37 | 000,000,000 | ---D | M]

[2012/01/30 09:42:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Extensions
[2013/12/04 04:52:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions
[2013/11/16 12:51:07 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013/07/16 17:55:21 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2013/04/15 15:29:52 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2013/07/01 10:57:39 | 000,000,000 | ---D | M] (Purple Fox) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{3ffb7be0-8bde-11de-8a39-0800200c9a66}
[2013/11/26 23:13:27 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/08/13 22:10:54 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/10/31 17:54:14 | 000,000,000 | ---D | M] (Ebay Button) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/11/24 13:11:45 | 000,000,000 | ---D | M] (MaskMe) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2012/02/05 00:30:18 | 000,000,000 | ---D | M] (Live Gold) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation
[2013/05/01 11:30:46 | 000,000,000 | ---D | M] (xThunder) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/08/30 14:05:32 | 000,355,782 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2012/02/02 18:36:33 | 000,012,748 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/11/22 06:54:49 | 002,094,224 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/11/06 02:44:23 | 001,338,622 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/10/25 12:21:22 | 000,833,307 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/10/30 08:44:46 | 000,320,988 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/12/02 12:41:04 | 000,088,665 | R--- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/11/22 06:54:37 | 002,853,720 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/07/21 11:44:54 | 000,071,038 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/07/28 03:45:36 | 000,347,599 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]
[2013/10/31 17:54:13 | 000,009,032 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{265b0520-499e-11d9-9669-0800200c9a66}.xpi
[2013/09/07 16:32:07 | 000,029,179 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{52a7f893-d228-412e-9b28-bc61491462f6}.xpi
[2013/09/16 02:50:51 | 000,281,800 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2013/12/03 18:22:56 | 000,535,138 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/02/02 18:50:57 | 000,032,544 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{d39a0050-191f-11df-8a39-0800200c9a66}.xpi
[2012/02/05 00:39:43 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012/08/28 11:39:08 | 000,723,159 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{dbd63b80-1735-11df-8a39-0800200c9a66}.xpi
[2013/12/02 12:41:04 | 001,333,491 | R--- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
[2013/02/06 20:01:35 | 000,010,339 | ---- | M] () -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\searchplugins\duckduckgo-1.xml
[2013/02/06 20:01:31 | 000,010,339 | ---- | M] () -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\searchplugins\duckduckgo.xml
[2012/02/02 16:41:08 | 000,001,119 | ---- | M] () -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\searchplugins\scroogle-ssl.xml
[2013/11/20 06:32:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/11/20 06:32:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/20 06:32:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/28 19:54:37 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\REDOG\APPDATA\ROAMING\IDM\IDMMZCC5

========== Chrome ==========

CHR - default_search_provider: Conduit Search ()
CHR - default_search_provider: search_url = http://www.google.com
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjamodcfmindeooalnaodbgbckflcfgb\1.2.0.2_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gphdmnilpmjaioploikmbpgkjfbagidf\3.0.3_0\
CHR - Extension: IDM Integration Module = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.3_0\
CHR - Extension: IDM Integration Module = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.3_1\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhejngphiacapbgllhagbpdkkdieeaej\1.4_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmcfehfciklhbhcagkolfnjdlnalgpd\1.0.2_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\4.0.4_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\
CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\phngnmnglpbgiogjjcbllnlldehpnadg\2.0.3_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [soundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
F3:64bit: - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001 WinNT: Load - (C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com) - File not found
F3 - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001 WinNT: Load - (C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: Run LiveleakDownloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files (x86)\Xmlbar\Liveleak Downloader\LiveleakDownloader(xmlbar).exe File not found
O9 - Extra 'Tools' menuitem : Liveleak Downloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files (x86)\Xmlbar\Liveleak Downloader\LiveleakDownloader(xmlbar).exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D8293A4-E241-49E4-90A2-0984EF22F4E2}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2AA19AB9-C644-4FF0-AF23-587D08155F27}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45E6870D-0465-4503-86F8-2B8236229B3C}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76EE4D70-CE2F-4E18-B96B-D25F4F437B55}: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76EE4D70-CE2F-4E18-B96B-D25F4F437B55}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{15360ea1-451a-11e1-a9d3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{15360ea1-451a-11e1-a9d3-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Install.exe
O33 - MountPoints2\{6dafcf36-6221-11e0-ad60-0015af507bd9}\Shell - "" = AutoRun
O33 - MountPoints2\{6dafcf36-6221-11e0-ad60-0015af507bd9}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/04 10:54:26 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/12/04 04:49:27 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/30 10:51:45 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/11/30 10:51:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/11/28 06:10:33 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/11/28 05:44:47 | 000,175,480 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2013/11/26 06:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/11/21 11:47:50 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/11/21 11:45:54 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/21 11:45:54 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/21 11:45:52 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/21 11:45:52 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/21 11:45:52 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/21 11:45:52 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/21 11:45:51 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/21 11:45:51 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/21 11:45:51 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/21 11:45:51 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/21 11:45:51 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/21 11:45:51 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/21 11:45:51 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/21 11:45:51 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/21 11:45:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/21 11:45:51 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/21 11:45:51 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/21 11:45:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/21 11:45:51 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/21 11:45:51 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/21 11:45:51 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/21 11:45:51 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/21 11:45:51 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/21 11:45:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/21 11:45:50 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/21 11:45:50 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/21 11:45:50 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/21 11:45:50 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/21 11:45:50 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/21 11:45:50 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/21 11:45:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/21 11:45:50 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/21 11:45:50 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/21 11:45:50 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/21 11:45:50 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/21 11:45:50 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/21 11:45:50 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/21 11:45:50 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/21 11:45:50 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/21 11:45:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/21 11:45:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/21 11:45:50 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/21 11:45:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/21 11:45:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/21 11:45:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/21 11:45:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/21 11:45:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/21 11:45:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/21 11:45:49 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/21 11:45:49 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/21 11:45:49 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/21 11:45:49 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/21 11:45:49 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/21 11:45:49 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/21 11:45:49 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/21 11:45:49 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/21 11:45:49 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/21 11:45:49 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/21 11:45:49 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/21 11:45:49 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/21 11:45:49 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/21 11:45:49 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/21 11:45:49 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/21 11:45:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/21 11:45:49 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/21 11:45:49 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/21 11:45:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/21 11:45:49 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/21 11:45:48 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/21 11:45:48 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/21 11:45:48 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/21 11:45:48 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/21 11:45:48 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/21 11:45:48 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/21 11:45:48 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/21 11:45:48 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/21 11:45:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/21 11:45:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/21 11:45:48 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/21 11:45:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/20 06:32:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/13 18:12:44 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/13 18:12:43 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/13 18:12:43 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/13 18:12:43 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/13 18:12:42 | 006,578,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/11/13 18:12:42 | 005,698,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/11/13 18:12:42 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/11/13 18:12:42 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/11/13 18:12:42 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2013/11/13 18:12:42 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2013/11/13 18:12:42 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/11/13 18:12:42 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/11/13 18:12:42 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/11/13 18:12:42 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/11/13 18:12:42 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/11/13 18:12:42 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/11/13 18:12:42 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/11/13 18:12:42 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/11/13 18:10:59 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/11/13 18:10:59 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/11/13 18:10:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/11/13 18:10:59 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/13 18:10:59 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/13 18:10:57 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2013/11/13 18:10:57 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2013/11/13 13:52:03 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/11/13 13:52:03 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/11/13 13:52:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/11/13 13:52:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/11/13 13:52:03 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/11/13 13:51:58 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/13 13:51:49 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/11/13 13:51:49 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/11/13 13:51:49 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/13 13:51:49 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/13 13:51:35 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/11/11 09:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
[2013/11/11 09:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers
[2013/11/11 08:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\sp
[2013/11/05 21:55:48 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2013/11/04 21:52:42 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2013/11/04 14:06:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
[2013/11/04 14:06:12 | 000,000,000 | ---D | C] -- C:\Users\Redog\AppData\Local\Chromium
[2013/11/04 14:06:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SRWare Iron
[2011/05/03 20:40:19 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Redog\AppData\Roaming\pcouffin.sys
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/12/04 11:52:09 | 000,015,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/04 11:52:09 | 000,015,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/04 11:50:38 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/04 11:50:38 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/04 11:50:38 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/04 11:44:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/04 11:44:29 | 536,174,591 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/04 11:35:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1659189456-1754463573-1767136624-1001UA.job
[2013/12/04 10:35:24 | 000,001,232 | ---- | M] () -- C:\Users\Redog\Desktop\ScorpionSaver 12 2013 - Shortcut.lnk
[2013/12/02 13:35:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1659189456-1754463573-1767136624-1001Core.job
[2013/11/30 10:51:46 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/27 19:24:18 | 000,175,480 | ---- | M] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2013/11/21 11:45:54 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/21 11:45:54 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/21 11:45:52 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/21 11:45:52 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/21 11:45:52 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/21 11:45:52 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/21 11:45:51 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/21 11:45:51 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/21 11:45:51 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/21 11:45:51 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/21 11:45:51 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/21 11:45:51 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/21 11:45:51 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/21 11:45:51 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/21 11:45:51 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/21 11:45:51 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/21 11:45:51 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/21 11:45:51 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/21 11:45:51 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/21 11:45:51 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/21 11:45:51 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/21 11:45:51 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/21 11:45:51 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/21 11:45:51 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/21 11:45:51 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/21 11:45:50 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/21 11:45:50 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/21 11:45:50 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/21 11:45:50 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/21 11:45:50 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/21 11:45:50 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/21 11:45:50 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/21 11:45:50 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/21 11:45:50 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/21 11:45:50 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/21 11:45:50 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/21 11:45:50 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/21 11:45:50 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/21 11:45:50 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/21 11:45:50 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/21 11:45:50 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/21 11:45:50 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/21 11:45:50 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/21 11:45:50 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/21 11:45:50 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/21 11:45:50 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/21 11:45:50 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/21 11:45:50 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/21 11:45:50 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/21 11:45:49 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/21 11:45:49 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/21 11:45:49 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/21 11:45:49 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/21 11:45:49 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/21 11:45:49 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/21 11:45:49 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/21 11:45:49 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/21 11:45:49 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/21 11:45:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/21 11:45:49 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/21 11:45:49 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/21 11:45:49 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/21 11:45:49 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/21 11:45:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/21 11:45:49 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/21 11:45:49 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/21 11:45:49 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/21 11:45:49 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/21 11:45:49 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/21 11:45:49 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/21 11:45:48 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/21 11:45:48 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/21 11:45:48 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/21 11:45:48 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/21 11:45:48 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/21 11:45:48 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/21 11:45:48 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/21 11:45:48 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/21 11:45:48 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/21 11:45:48 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/21 11:45:48 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/21 11:45:48 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/14 17:32:21 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/11/14 17:32:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/11/11 09:34:03 | 000,001,053 | ---- | M] () -- C:\Users\Public\Desktop\Firefox.lnk
[2013/11/11 09:34:02 | 000,001,441 | ---- | M] () -- C:\Users\Redog\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2013/11/04 15:54:47 | 000,001,032 | ---- | M] () -- C:\Users\Redog\Application Data\Microsoft\Internet Explorer\Quick Launch\SRWare Iron.lnk
[2013/11/04 15:54:47 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\SRWare Iron.lnk
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/04 10:35:24 | 000,001,232 | ---- | C] () -- C:\Users\Redog\Desktop\ScorpionSaver 12 2013 - Shortcut.lnk
[2013/11/30 10:51:46 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/21 11:45:51 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/21 11:45:49 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/04 15:54:47 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\SRWare Iron.lnk
[2013/11/04 14:06:12 | 000,001,032 | ---- | C] () -- C:\Users\Redog\Application Data\Microsoft\Internet Explorer\Quick Launch\SRWare Iron.lnk
[2013/10/08 11:51:23 | 000,000,017 | ---- | C] () -- C:\Users\Redog\AppData\Local\resmon.resmoncfg
[2013/03/15 20:24:33 | 000,000,886 | ---- | C] () -- C:\Users\Redog\AppData\Local\recently-used.xbel
[2012/11/24 21:46:55 | 000,061,132 | ---- | C] () -- C:\Users\Redog\AppData\Local\rx_audio.Cache
[2011/09/25 20:14:39 | 000,913,708 | ---- | C] () -- C:\Users\Redog\AppData\Local\rx_image32.Cache
[2011/08/29 16:50:43 | 000,000,520 | ---- | C] () -- C:\Users\Redog\AppData\Roaming\SamsungLiveUpdateConfig.ini
[2011/05/13 08:26:05 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/05/07 05:30:39 | 000,000,290 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/05/03 20:40:19 | 000,099,384 | ---- | C] () -- C:\Users\Redog\AppData\Roaming\inst.exe
[2011/05/03 20:40:19 | 000,007,859 | ---- | C] () -- C:\Users\Redog\AppData\Roaming\pcouffin.cat
[2011/05/03 20:40:19 | 000,001,167 | ---- | C] () -- C:\Users\Redog\AppData\Roaming\pcouffin.inf

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/11 02:09:40 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/01/11 02:09:40 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012/10/10 12:47:03 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\.Tribler
[2011/12/16 08:12:41 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Activision
[2013/09/23 20:46:24 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\AVG2014
[2013/11/21 11:50:32 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\BitTorrent
[2011/11/26 19:05:23 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Bizarre Creations
[2011/12/16 10:24:08 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Capcom
[2011/05/03 00:35:25 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Easeware
[2013/11/28 19:54:10 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\IDM
[2011/11/19 17:12:27 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\ImgBurn
[2011/04/08 18:33:04 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Leadertech
[2012/01/30 10:08:53 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Pegasus Mail
[2011/04/10 11:34:38 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Simple Star
[2012/01/31 17:07:01 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Thunderbird
[2012/12/13 18:58:28 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\TuneUp Software
[2012/10/30 16:56:58 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Ulead Systems
[2012/11/08 18:57:10 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Vso
[2012/03/14 15:33:19 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\WinAVI
[2012/11/25 11:48:31 | 000,000,000 | ---D | M] -- C:\Users\Redog\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

Extra Log:

OTL Extras logfile created on: 12/4/2013 11:51:26 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Libraries\Documents\Programs 2011\ScorpionSaver 12 2013
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.27 Gb Available Physical Memory | 71.14% Memory free
12.00 Gb Paging File | 10.13 Gb Available in Paging File | 84.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 78.53 Gb Total Space | 20.44 Gb Free Space | 26.03% Space Free | Partition Type: NTFS
Drive D: | 33.16 Gb Total Space | 6.06 Gb Free Space | 18.29% Space Free | Partition Type: NTFS
Drive F: | 4.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive J: | 635.25 Gb Total Space | 93.47 Gb Free Space | 14.71% Space Free | Partition Type: NTFS
Drive K: | 296.13 Gb Total Space | 92.21 Gb Free Space | 31.14% Space Free | Partition Type: NTFS

Computer Name: T00T1E_3564 | User Name: Redog | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07FD565D-F616-4586-AEE3-30F1125A3A03}" = rport=445 | protocol=6 | dir=out | app=system |
"{2E17C767-285D-4CAA-A990-E29DF4470FBE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{37C04776-BE2E-49F6-92D9-F76BE3CF05C4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4F8B958A-B4A5-409E-935E-733FEACCCF23}" = lport=137 | protocol=17 | dir=in | app=system |
"{54E28ACF-3236-4370-9D13-AF59014F0603}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5E0AA4F8-3B45-4019-9C5B-C5AF561C5D70}" = rport=139 | protocol=6 | dir=out | app=system |
"{71AF8297-EF0F-4A0B-8907-D80DCB02D0F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{72BFC3EB-1B01-4C8B-A65C-D334EA88FA7E}" = lport=445 | protocol=6 | dir=in | app=system |
"{7E411DD1-EFE6-4C73-8A41-945BB76E6367}" = rport=10243 | protocol=6 | dir=out | app=system |
"{83EE96E2-6696-4F5A-A29E-803C4461D47C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8C2EF7DC-DFAF-4E0C-B4BC-54783D366286}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8CBE5199-B828-41F7-BAED-9FBCCBF97D89}" = rport=138 | protocol=17 | dir=out | app=system |
"{8D492331-79F5-4C04-944F-B0BAFBBA1DEC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{93AF88D0-00C9-42BB-B19C-2D43EA5454EE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9EB5C0A-33E3-4B57-B9CC-4CD1339E2DE6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BF5ED522-6699-43CA-AF20-F5EE3464467D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BFCC7F91-0AC1-457A-8EFB-6E9B974571EA}" = lport=139 | protocol=6 | dir=in | app=system |
"{C3AC60C9-A605-4AA2-AD5E-870D04E31A54}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C893B01A-3380-4683-B4EE-D46FA6412102}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE91B7AE-A486-47DE-912A-459E67DD83DC}" = rport=137 | protocol=17 | dir=out | app=system |
"{DEA037CB-808F-4398-B2C9-C4741DAF60ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E58D2FC4-0D4B-4258-B218-30B14634A25C}" = lport=138 | protocol=17 | dir=in | app=system |
"{E7D922DE-8851-48E7-8C9E-0DF1EDB3D98D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03036419-1D69-4ECF-8FFE-227AA3ABBC03}" = protocol=17 | dir=in | app=c:\users\redog\appdata\local\temp\7zs4fc9\hppiw.exe |
"{0A08B9F6-4019-4C37-AF17-9C1B10C25773}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{0AF02342-9486-4532-8FB5-3C21E23567BE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0C14DA87-D353-4AC9-BF29-515FC2806326}" = protocol=1 | dir=in | [email protected],-28543 |
"{0C7AC355-3AE5-40F5-A5FD-02CBE513C5A6}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{0E8C9104-6797-4A55-AD18-4660070EA52E}" = protocol=17 | dir=in | app=e:\setup.exe |
"{129BE867-34FC-48E6-BAF9-9FA5BC7ECAEE}" = protocol=6 | dir=in | app=c:\users\redog\appdata\roaming\bittorrent\bittorrent.exe |
"{15AF5C7C-B557-41C4-9E7D-29EAE4EC53F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{17008346-5078-460C-810A-860F33C40292}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1B476FE1-4742-4FF4-B6CF-FE9D1DBEC2BD}" = protocol=17 | dir=in | app=e:\setup.exe |
"{1C5AE9B1-0459-4BB8-8C53-21066E294F37}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{21ED90B9-E419-4E48-8EDE-228115BF8AFB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{2410216F-018A-4EDF-A826-9489570F7A40}" = protocol=58 | dir=in | [email protected],-28545 |
"{248C1BEF-DA77-485B-BB62-F9F98856DFB9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{34C39806-BD5B-4C8C-A281-8EC80726386D}" = protocol=6 | dir=in | app=j:\jb 007 quantum of solace\jb_liveengine_s.exe |
"{39A30931-A93D-473F-AF83-01C55377BFD1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{3E53F0C1-EB7C-4596-A86C-14F00EB707D7}" = protocol=6 | dir=in | app=e:\setup.exe |
"{42F7C94A-9733-4DBC-8935-0947FB735F11}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{49C7137B-EABF-4C46-8158-F3228A8C6354}" = protocol=6 | dir=in | app=j:\moto gp 2008\launcher.exe |
"{4CB32928-0BB2-450C-A6A8-70F239654456}" = protocol=6 | dir=in | app=e:\setup.exe |
"{4D5A83F7-CAC1-47A5-9C23-BCA3777C8EB6}" = protocol=6 | dir=out | app=system |
"{56ADC48E-37C0-45E3-A09B-2142B7473B2F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5FE9E016-4E72-4FBF-AB50-6DFAF533A0B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6491292C-838C-42C2-88D6-34F7EA4EA979}" = protocol=17 | dir=in | app=j:\jb 007 quantum of solace\jb_liveengine_s.exe |
"{6610ED1C-B067-42CB-9742-CEF48F9D4BA0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{7673FEE9-5B5C-45E0-80E4-4A83E944EBED}" = protocol=17 | dir=in | app=j:\moto gp 2008\launcher.exe |
"{7928B7C7-A23B-46C9-A403-51DC939C7A5C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{797B82FC-9343-4B11-A436-25A159EF27E8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{7CEB3282-C547-4930-B9E0-0C186602F45E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{80479EA6-278A-4217-85CE-02E95D0FD693}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{815630A0-3CE3-4EFB-AA3A-B71912240BEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{820535A1-C259-40BD-BF14-558FF14E5529}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{85650DFF-74F1-458A-861C-A365ACD65ED2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{8CCAE532-C068-4A99-952A-187938EED635}" = protocol=17 | dir=in | app=c:\program files (x86)\tribler\tribler.exe |
"{94531526-8757-4EE4-8321-EECD3331F61C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9930046E-27C3-4BB6-B5C2-D6E37D19B424}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A161BBB-664F-41B6-B42F-C8E0F58FE9DF}" = protocol=17 | dir=in | app=c:\program files (x86)\tribler\swift.exe |
"{9ACC2FC6-6A34-4165-B199-CE195D841556}" = protocol=6 | dir=in | app=c:\program files (x86)\tribler\tribler.exe |
"{A1129756-BD6C-4B23-AA1D-C0020831BE09}" = protocol=17 | dir=in | app=c:\users\redog\appdata\roaming\bittorrent\bittorrent.exe |
"{A4926CAA-5CD7-4BEC-B4AF-BDC09A458CFF}" = protocol=6 | dir=in | app=j:\damnation\binaries\damngame.exe |
"{A8898481-28CC-482D-92CA-B705DAF23673}" = protocol=58 | dir=out | [email protected],-28546 |
"{AAD00443-066B-47EF-9607-C1E89A94E2C1}" = protocol=1 | dir=out | [email protected],-28544 |
"{AD2D2204-0A64-45DB-A36A-0302968C1F71}" = protocol=17 | dir=in | app=j:\damnation\binaries\damngame.exe |
"{AE677221-7DFB-47C4-8F6F-959C0391DB8A}" = protocol=6 | dir=in | app=c:\program files (x86)\tribler\swift.exe |
"{BDFEFCD5-2292-486C-97AA-B0A9998F53A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C122D3D4-47DD-4B21-8955-A057262B23A4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{CD8030C8-6CF4-4716-92CF-A64FD3CD952B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{D0D40518-9ADD-445A-B603-F669F0985347}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{D8B3E27A-3EAC-40A4-9001-0A449A9C42A2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{D8E4DB77-BD9E-43D6-BB1B-FE18B759DA76}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DECC7F3D-6887-4F52-B71D-496351955DC6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E1EAD54D-F848-432E-A2C0-B962ABD439D8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EBB201DD-9ABF-4985-B068-6F18CDC5260F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EF482911-3BCD-4F91-BAEE-1BDE66316942}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{F0D16CC8-CED3-4185-B660-8B73AE2F720E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F527CDF4-59FB-4F19-9A64-C3D0B8125AF4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD1EF11E-725D-4C7C-A5F1-1F2F83916F85}" = protocol=6 | dir=in | app=c:\users\redog\appdata\local\temp\7zs4fc9\hppiw.exe |
"{FE416BC7-5D70-4239-9AA8-13A61409A8A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{4A1AE217-FED2-4EC2-83AF-563082038C60}D:\libraries\documents\programs 2011\bit torrent 7 2 1\bittorrent-7.2.1.exe" = protocol=6 | dir=in | app=d:\libraries\documents\programs 2011\bit torrent 7 2 1\bittorrent-7.2.1.exe |
"TCP Query User{510F28D2-D215-406E-BD94-FDE67FAFE6AC}C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@programfiles@\alcohol soft\alcohol 120\starwind\starwindserviceae.exe" = protocol=6 | dir=in | app=c:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@programfiles@\alcohol soft\alcohol 120\starwind\starwindserviceae.exe |
"TCP Query User{A464F377-C0A3-431A-9683-937AC86543DA}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{D7BA6984-D06E-427C-8EE4-665E537713C5}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{09D6E20D-231C-4A3F-A590-6FBC014E0394}C:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@programfiles@\alcohol soft\alcohol 120\starwind\starwindserviceae.exe" = protocol=17 | dir=in | app=c:\users\redog\appdata\local\xenocode\sandbox\ldr_alcohol_r.exe\2.0.1.2033\2010.09.18t21.28\virtual\stubexe\8.0.1135\@programfiles@\alcohol soft\alcohol 120\starwind\starwindserviceae.exe |
"UDP Query User{15218D78-AE8B-4639-8960-29C060C9D9C0}D:\libraries\documents\programs 2011\bit torrent 7 2 1\bittorrent-7.2.1.exe" = protocol=17 | dir=in | app=d:\libraries\documents\programs 2011\bit torrent 7 2 1\bittorrent-7.2.1.exe |
"UDP Query User{87B7AB44-FECF-4780-8113-D134AC80F0F9}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{B35207AA-1DDC-44B7-A383-C5C231330A46}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0921-000001000000}" = 7-Zip 9.21 (x64 edition)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.8 (64-bit)
"{34883B9C-CDFE-46F0-9C5B-935484C218C3}" = AVG 2014
"{5CD17330-2599-479A-B8D1-E5E60C9F212F}" = AVG 2014
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software 7.00
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{C5970161-E13E-6661-BBDA-A08268313C83}" = ATI Catalyst Install Manager
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EE269999-1AB7-7B39-7944-513CF3426CB8}" = AMD Drag and Drop Transcoding
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2014
"GIMP-2_is1" = GIMP 2.8.4
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"sp6" = Logitech SetPoint 6.22

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{11F5D779-7BD9-465A-BBC4-10701386BCB9}" = FW LiveUpdate
"{13C64D80-2447-4509-B98D-614CAF6A9D42}" = Damnation
"{15C77FC3-8137-4A5E-8F81-F559045DD6B0}" = Click-N-Ship for BusinessÂ®
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"{211B0612-B93E-493A-9209-FC583D715444}_is1" = STL Viewer 2.3
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4433FF9E-AF21-4E41-B296-4E13BF4D52F5}" = Roxio Creator 2011 Pro
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteurâ„¢
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77CDA026-3860-4C95-8233-34F3CEF121FB}" = Roxio Creator 2011 Pro
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn - Secure
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5F1282-D6F8-4F04-B73E-D9286924E9AC}" = Roxio Creator 2011 Pro
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1644527-B0FF-485B-8412-3C7504A2F188}" = Quantum of Solace 1.1 Patch
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F1CA85-C713-4B1F-B3B4-B2B7A6824146}" = LightScribe System Software
"{A9024A22-FB0E-4DDC-AB93-44D686F7F491}" = Roxio CinePlayer
"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = CyberLink PowerBackup
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022}" = Roxio BackOnTrackPE
"{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}" = MotoGP 08
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C3C697E8-9183-4088-994C-2662166830BC}" = Damnation
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1" = SRWare Iron version SRWare Iron 30.0.1650.0
"{C82185E8-C27B-4EF4-2010-4444BC2C2B6D}" = Microsoft Streets & Trips 2010
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}" = Quantum of Solace
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}" = Updater
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E9AE9A91-AB45-4321-87BD-AD34855D944F}" = Chessmaster 10th Edition
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FFAC39DA-CF79-434B-A6E0-4055689667D9}" = Roxio CinePlayer Decoder Pack
"1Click DVD Copy Pro_is1" = 1Click DVD Copy Pro 4.2.7.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CodeStuff Starter" = CodeStuff Starter
"DVD Shrink_is1" = DVD Shrink 3.2
"DVD43 Plug-in_is1" = DVD43 Plug-in v1.0.0.5
"EADM" = EA Download Manager
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"ImgBurn" = ImgBurn
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Blu-ray Disc Suite
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{A1644527-B0FF-485B-8412-3C7504A2F188}" = Quantum of Solace 1.1 Patch
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}" = Quantum of Solace
"InstallShield_{E9AE9A91-AB45-4321-87BD-AD34855D944F}" = Chessmaster 10th Edition
"Internet Download Manager" = Internet Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"Roxio PhotoShow" = Roxio PhotoShow
"SecuROM Diagnostic Tool" = SecuROM Diagnostic Tool
"Shellshock2" = Shellshock 2
"Steam App 8190" = Just Cause 2
"Tribler" = Tribler
"VLC media player" = VLC media player 2.0.0
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 12/4/2013 12:45:05 PM | Computer Name = T00t1e_3564 | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Hard Drive Watcher 12 service to connect.

Error - 12/4/2013 12:45:05 PM | Computer Name = T00t1e_3564 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
lsnfd

< End of report >

theredog · December 4, 2013

Yes, I rebooted after running quick scan of Malwarebytes.

theredog · December 4, 2013

Hope I have checked all you asked for in Old Timers:

flashh4 · December 4, 2013

Back shortly .... emergency

flashh4 · December 4, 2013

Sorry bout that but real life comes before anything !

Be back with more shortly !

Thanks

Chuck

flashh4 · December 4, 2013

Hi Redog, lets continue !

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.

NEXT

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the . text box of the OTL tool/program ! Start with and include the colon plus :OTL

:OTLIE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes,DefaultScope =IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\..\SearchScopes,DefaultScope = {497CB56E-0B4C-4008-B447-0F6A64A527C4}IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SRIE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\..\SearchScopes\{497CB56E-0B4C-4008-B447-0F6A64A527C4}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}IE - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001\..\SearchScopes\{76690B1D-8BEE-4907-AD75-C083F18D2404}: "URL" = http://search.yahoo....&type=714647&p={searchTerms}FF - user.js - File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not foundFF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll File not found[2012/01/30 09:42:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Extensions[2013/12/04 04:52:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions[2013/08/30 14:05:32 | 000,355,782 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2012/02/02 18:36:33 | 000,012,748 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2013/11/22 06:54:49 | 002,094,224 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2013/11/06 02:44:23 | 001,338,622 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2013/10/25 12:21:22 | 000,833,307 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2013/10/30 08:44:46 | 000,320,988 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2013/12/02 12:41:04 | 000,088,665 | R--- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2013/11/22 06:54:37 | 002,853,720 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2013/07/21 11:44:54 | 000,071,038 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2013/07/28 03:45:36 | 000,347,599 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected][2013/10/31 17:54:13 | 000,009,032 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{265b0520-499e-11d9-9669-0800200c9a66}.xpi[2013/09/07 16:32:07 | 000,029,179 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{52a7f893-d228-412e-9b28-bc61491462f6}.xpi[2013/09/16 02:50:51 | 000,281,800 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi[2013/12/03 18:22:56 | 000,535,138 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi[2012/02/02 18:50:57 | 000,032,544 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{d39a0050-191f-11df-8a39-0800200c9a66}.xpi[2012/02/05 00:39:43 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi[2012/08/28 11:39:08 | 000,723,159 | ---- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{dbd63b80-1735-11df-8a39-0800200c9a66}.xpi[2013/12/02 12:41:04 | 001,333,491 | R--- | M] () (No name found) -- C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi[2013/11/20 06:32:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[2013/11/20 06:32:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensionsCHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjamodcfmindeooalnaodbgbckflcfgb\1.2.0.2_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gphdmnilpmjaioploikmbpgkjfbagidf\3.0.3_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhejngphiacapbgllhagbpdkkdieeaej\1.4_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmcfehfciklhbhcagkolfnjdlnalgpd\1.0.2_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\4.0.4_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\CHR - Extension: No name found = C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\phngnmnglpbgiogjjcbllnlldehpnadg\2.0.3_0\O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundO4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not foundF3:64bit: - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001 WinNT: Load - (C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com) -  File not foundF3 - HKU\S-1-5-21-1659189456-1754463573-1767136624-1001 WinNT: Load - (C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com) -  File not foundO9 - Extra Button: Run LiveleakDownloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files (x86)\Xmlbar\Liveleak Downloader\LiveleakDownloader(xmlbar).exe File not foundO9 - Extra 'Tools' menuitem : Liveleak Downloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files (x86)\Xmlbar\Liveleak Downloader\LiveleakDownloader(xmlbar).exe File not foundO1364bit: - gopher Prefix: missingO13 - gopher Prefix: missingO18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not foundO18:64bit: - Protocol\Handler\ms-itss - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not foundO21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.:Commands[emptyjava][emptyflash][EMPTYTEMP][RESETHOSTS][CREATERESTOREPOINT][Reboot]

# Then click the Run Fix button at the top.
# Click
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

Post Next:
1. Security Check
2. OTL Fix Log

Thanks
Chuck

flashh4 · December 10, 2013

No reply for 5 days i will now lock this topic if you need it re-opened please PM me or another Mod !

Thanks

Chuck

theredog · December 11, 2013

Results of screen317's Security Check version 0.99.77
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
AVG AntiVirus Free Edition 2014
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.0
Java 7 Update 45
Adobe Flash Player 11.9.900.152
Adobe Reader 10.1.8 Adobe Reader out of Date!
Mozilla Firefox (25.0.1)
Google Chrome 31.0.1650.57
Google Chrome 31.0.1650.63
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 17% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

=====================================================================================================================

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\Software\Microsoft\Internet Explorer\SearchScopes\{497CB56E-0B4C-4008-B447-0F6A64A527C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{497CB56E-0B4C-4008-B447-0F6A64A527C4}\ not found.
Registry key HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\Software\Microsoft\Internet Explorer\SearchScopes\{76690B1D-8BEE-4907-AD75-C083F18D2404}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76690B1D-8BEE-4907-AD75-C083F18D2404}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1\ deleted successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\META-INF folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\chrome folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{3ffb7be0-8bde-11de-8a39-0800200c9a66}\chrome folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{3ffb7be0-8bde-11de-8a39-0800200c9a66} folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}\defaults\preferences folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}\defaults folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}\chrome folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}\chrome folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{241aae70-0022-11de-87af-0800200c9a66} folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\ipdb folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\defaults\preferences folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\defaults folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\chrome\flagfox\modules folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\chrome\flagfox folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\chrome folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\defaults\preferences folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\defaults folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\components folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\skin folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\zh-TW folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\zh-CN folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\en-US folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\defaults\preferences folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\defaults folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\components folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\chrome\skin\classic folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\chrome\skin folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\chrome\locale\zh-TW folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\chrome\locale\zh-CN folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\chrome\locale\en-US folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\chrome\locale folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\chrome\content folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation\chrome folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\livegold@dotcreation folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\pages\panels folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\pages\images\manage folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\pages\images folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\pages\fonts folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\pages folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\META-INF folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\images folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\components folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\skin folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\en-US folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\vendor\twitter_bootstrap folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\vendor\pidcrypt folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\vendor folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\storage folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\lib folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\skin\flags folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\skin folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\locale\nl-NL folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\locale\ja-JP folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\locale\it-IT folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\locale\fr-FR folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\locale\es-ES folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\locale\en-US folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\locale\de-DE folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\locale\be-BE folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\locale folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\content\xul folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\content\lib folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\content\framework folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\content\data folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\content folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\META-INF folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\defaults\preferences folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\defaults folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\components folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\skin folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\sv-SE folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\pt-PT folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\pt-BR folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\pl-PL folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\nl-NL folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\it-IT folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\fr-FR folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\es-ES folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\en-US folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale\de-DE folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\locale folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\themes\light\images\badge folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\themes\light\images folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\themes\light\css folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\themes\light folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\themes folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\templates folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\lib folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\images\counter folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\images\badge folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\images folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\fonts folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\ff folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content\css folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome\content folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected]\chrome folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] folder moved successfully.
C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions folder moved successfully.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\[email protected] not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{265b0520-499e-11d9-9669-0800200c9a66}.xpi not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{52a7f893-d228-412e-9b28-bc61491462f6}.xpi not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{d39a0050-191f-11df-8a39-0800200c9a66}.xpi not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{dbd63b80-1735-11df-8a39-0800200c9a66}.xpi not found.
File C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi not found.
C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\zh_TW folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\zh_CN folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\vi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\uk folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\tr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\th folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\te folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\ta folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\sv folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\sr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\sl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\sk folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\ru folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\ro folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\pt_PT folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\pt_BR folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\pl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\nl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\nb folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\ms folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\lv folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\lt folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\ko folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\ja folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\it folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\id folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\hu folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\hr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\he folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\fr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\fil folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\fi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\fa folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\et folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\es_419 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\es folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\en_US folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\en_GB folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\el folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\de folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\da folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\cs folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\ca folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\bn folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\bg folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales\ar folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\_locales folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\skin\social folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\skin\features folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\skin folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\lib folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\jquery-ui\js folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\jquery-ui\css\smoothness\images folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\jquery-ui\css\smoothness folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\jquery-ui\css folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\jquery-ui folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\icons folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjamodcfmindeooalnaodbgbckflcfgb\1.2.0.2_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\_locales\zh_CN folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\_locales\ru folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\_locales\pl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\_locales\fr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\_locales\en folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\_locales\de folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\_locales folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\plugin\screen_capture.plugin\Contents\MacOS folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\plugin\screen_capture.plugin\Contents folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\plugin\screen_capture.plugin folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\plugin folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\images folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\i18n_styles folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\th folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\ru folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\nb folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\it folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\fr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\es folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\en folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\de folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales\cs folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\_locales folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\js folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\images\sign folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\images\flags folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\images\enginedefault folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\images folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0\css folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpojpfdiliekbbiplijcphappgcgjfn\0.4.1_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\options\images folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\options folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\images folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\icons folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gphdmnilpmjaioploikmbpgkjfbagidf\3.0.3_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhejngphiacapbgllhagbpdkkdieeaej\1.4_0\services folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhejngphiacapbgllhagbpdkkdieeaej\1.4_0\flags folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhejngphiacapbgllhagbpdkkdieeaej\1.4_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmcfehfciklhbhcagkolfnjdlnalgpd\1.0.2_0\JS folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmcfehfciklhbhcagkolfnjdlnalgpd\1.0.2_0\Images\Buttons folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmcfehfciklhbhcagkolfnjdlnalgpd\1.0.2_0\Images\BG folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmcfehfciklhbhcagkolfnjdlnalgpd\1.0.2_0\Images folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmcfehfciklhbhcagkolfnjdlnalgpd\1.0.2_0\CSS folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmcfehfciklhbhcagkolfnjdlnalgpd\1.0.2_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\4.0.4_0\_locales\zh_CN folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\4.0.4_0\_locales\ru folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\4.0.4_0\_locales\en folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\4.0.4_0\_locales folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\4.0.4_0\plugin folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\4.0.4_0\images folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\4.0.4_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0\static folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\zh_TW folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\zh_CN folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\vi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\uk folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\tr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\th folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\sv folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\sr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\sl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\sk folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\ru folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\ro folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\pt_PT folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\pt_BR folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\pl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\nl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\nb folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\lv folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\lt folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\ko folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\ja folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\it folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\id folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\hu folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\hr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\hi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\he folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\fr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\fil folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\fi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\et folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\es_419 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\es folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\en_GB folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\en folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\el folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\de folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\da folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\cs folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\ca folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\bg folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales\ar folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\_locales folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\zh_TW folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\zh_CN folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\vi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\uk folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\tr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\th folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\sv folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\sr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\sl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\sk folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\ru folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\ro folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\pt_PT folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\pt_BR folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\pl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\nl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\nb folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\lv folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\lt folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\ko folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\ja folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\it folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\id folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\hu folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\hr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\hi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\he folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\fr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\fil folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\fi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\et folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\es_419 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\es folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\en_GB folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\en folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\el folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\de folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\da folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\cs folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\ca folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\bg folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales\ar folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\_locales folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0\layouts folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\1.0.0.0_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\zh_TW folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\zh_CN folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\vi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\uk folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\tr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\th folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\sv folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\sr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\sl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\sk folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\ru folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\ro folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\pt_PT folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\pt_BR folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\pl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\no folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\nl folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\lv folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\lt folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\ko folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\ja folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\iw folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\it folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\id folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\hu folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\hr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\hi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\fr folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\fil folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\fi folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\es_419 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\es folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\en_GB folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\en folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\el folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\de folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\da folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\cs folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\ca folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\bg folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales\ar folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\_locales folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\styles folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\images\2x folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\images\1x folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\images folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\i18n folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\js folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\Icons folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\css\custom-theme\images folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\css\custom-theme folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\css folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\common folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\i folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0 folder moved successfully.
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\phngnmnglpbgiogjjcbllnlldehpnadg\2.0.3_0 folder moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry delete failed. HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com scheduled to be deleted on reboot.
Registry value HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{612F6E5C-B314-4bab-93D1-D266AAFBE700}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{612F6E5C-B314-4bab-93D1-D266AAFBE700}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{612F6E5C-B314-4bab-93D1-D266AAFBE700}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{612F6E5C-B314-4bab-93D1-D266AAFBE700}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========

[EMPTYJAVA]

User: Administrator

User: All Users

User: Default

User: Default User

User: Public

User: Redog
->Java cache emptied: 390473 bytes

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Public

User: Redog
->Flash cache emptied: 2204 bytes

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Redog
->Temp folder emptied: 492371424 bytes
->Temporary Internet Files folder emptied: 486942880 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 276080846 bytes
->Google Chrome cache emptied: 95954007 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 736923000 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78039 bytes
RecycleBin emptied: 940349 bytes

Total Files Cleaned = 1,993.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 12112013_102438

Files\Folders moved on Reboot...
C:\Users\Redog\AppData\Local\Temp\7zS4FC9\HPSLPSVC64.DLL moved successfully.
C:\Users\Redog\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Users\Redog\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
64bit-Registry value HKEY_USERS\S-1-5-21-1659189456-1754463573-1767136624-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com deleted successfully.

flashh4 · December 11, 2013

Opened by request !!

Chuck

theredog · December 11, 2013

Posted the logs you requested above. I had AGV and Firewall disabled when I ran the checks though.

flashh4 · December 11, 2013

That's good !! Ok, lets finish this & see how it's running !

Clean up with OTL

    Right-click OTL.exe and select " Run as administrator " to run it.
    This will remove all the tools we used to clean your pc.
    Close all other programs apart from OTL as this step will require a reboot
    On the OTL main screen, press the CleanUp! button
    Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools or logs we used if they remain on your Desktop.

Let me know how it's running ??

Thanks

Chuck

theredog · December 11, 2013

Right click doesn't offer run as admin

theredog · December 11, 2013

I have another OTL in the Malware Removal folder that I can right click and run as admin, but it isn't the one I used before.

theredog · December 11, 2013

OK, ran the other in run as admin and I see after reboot that the OLT folder is gone from where it was.

I haven't seen the ScorpionSaver in control panel/program removal since the last scan on December 4th.

ScorpionSaver reinstalls after removal

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites