A2SCAN
Emsisoft Emergency Kit - Version 4.0
Last update: 5/31/2014 9:18:03 AM
User account: MONDON\rac
Scan settings:
Scan type: Smart Scan
Objects: Rootkits, Memory, Traces, C:\Windows\, C:\Program Files\, C:\Program Files (x86)\
Detect PUPs: Off
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
Scan start: 5/31/2014 9:19:17 AM
C:\Program Files (x86)\ietoolbar detected: Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\COMOBJECT.DESKBARENABLER detected: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\COMOBJECT.DESKBARENABLER.1 detected: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\URLSEARCHHOOK.TOOLBARURLSEARCHHOOK detected: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\URLSEARCHHOOK.TOOLBARURLSEARCHHOOK.1 detected: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\YOURFILEDOWNLOADER detected: Application.InstallAd (A)
C:\Program Files (x86)\IEToolbar\ detected: Adware.Win32.Bloxbar (A)
C:\Program Files (x86)\Searchprotect detected: Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C} detected: Adware.Win32.Mostofate (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B7D3E479-CC68-42B5-A338-938ECE35F419} detected: Adware.Win32.Mostofate (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR -> {B7D3E479-CC68-42B5-A338-938ECE35F419} detected: Adware.Win32.Mostofate (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0} detected: Adware.Win32.BHO (A)
Key: HKEY_USERS\S-1-5-21-2204210288-1853318398-1552077053-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5} detected: Application.Win32.WSearch (A)
Scanned 233210
Found 13
Scan end: 5/31/2014 11:02:08 AM
Scan time: 1:42:51
Quarantined 0
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014
Ran by rac (administrator) on MONDON on 01-06-2014 02:53:19
Running from C:\Users\rac\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://C:\Program Files (x86)\Hosts_Anti_Adwares_PUPswww.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(MessengerPlus®) C:\Program Files\Yuna Software\Messenger Plus! for Skype\Messenger Plus! Ptc\MsgGuard.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Debenu Pty Ltd) C:\Program Files (x86)\Quick PDF Tools Pro\QuickPDFTCP0721.exe
(Reimage®) C:\Program Files\Reimage\Reimage Express\ReiGuard.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [2584352 2013-02-02] (FSPro Labs)
HKLM\...\Run: [ALU] => C:\Program Files\Acer\Acer Updater\ALU.exe [2337144 2012-02-06] (Acer Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-04-25] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1734144 2013-05-29] (AimerSoft)
HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2204210288-1853318398-1552077053-1000\...\Run: [Blue Jet Button] => C:\Program Files (x86)\Blue Jet Button\bjb.exe [303616 2014-05-20] (Ixide Tools.)
HKU\S-1-5-21-2204210288-1853318398-1552077053-1000\...\Run: [Folder Scout] => C:\Program Files (x86)\Folder Scout Labs\Folder Scout 1\FolderScout.exe [5020160 2012-06-13] (Folder Scout Labs)
HKU\S-1-5-21-2204210288-1853318398-1552077053-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [781824 2014-04-29] (ZONER software)
HKU\S-1-5-21-2204210288-1853318398-1552077053-1000\...\Policies\Explorer: [NoInternetOpenWith] 0
HKU\S-1-5-21-2204210288-1853318398-1552077053-1000\...\MountPoints2: F - F:\TL_Bootstrap.exe
HKU\S-1-5-21-2204210288-1853318398-1552077053-1000\...\MountPoints2: {31342531-cc0c-11e1-9e85-206a8a812aff} - E:\TL_Bootstrap.exe
HKU\S-1-5-21-2204210288-1853318398-1552077053-1000\...\MountPoints2: {667fea04-e0a9-11e3-be2a-206a8a812aff} - E:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-2204210288-1853318398-1552077053-1000\...\MountPoints2: {805dbc01-ef0f-11e1-ad3f-206a8a812aff} - E:\TL_Bootstrap.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN Client.lnk
ShortcutTarget: OpenVPN Client.lnk -> C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\uiboot.exe ()
Startup: C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start Picturelife.lnk
ShortcutTarget: Start Picturelife.lnk -> C:\Users\rac\AppData\Local\Apps\2.0\NBHRQ7VV.MZT\O3Q4E9VY.0X7\plsy..tion_bb555783f267aff2_0001.0001_64908c9735b7cd90\PLSync.exe (Picturelife, Inc.)
Startup: C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zoho Docs.lnk
ShortcutTarget: Zoho Docs.lnk -> C:\Users\rac\AppData\Roaming\ZohoDocs\bin\ZohoDocs.exe (Zoho Corporation Pvt. Ltd.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ighome.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {4CCF9AF7-541E-449C-AB6A-84D81FAEBB7D} URL = http://www.pagessyndication.com/google/?q={searchTerms}&lang=English (United States)
SearchScopes: HKCU - DefaultScope {7DA08DB5-FDF3-4960-A7C4-C94C2D9E9B3E} URL = http://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=en&q={searchTerms}&gu=fba09566fa924e96903544269bf182f2&tu=10OWz00DB2B0CO0&sku=&tstsId=&ver=&&r=930
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=pb2&co=TJ&userid=f3343465-5860-4fe2-82ba-fdea1cb2f4bf&sp=addr&q={searchTerms}&t=c0127&uid=8b345008
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {45C8A99D-AFC7-4403-8898-32E313CE2738} URL = http://www.mysearchresults.com/search?c=4001&t=01&q={searchTerms}
SearchScopes: HKCU - {4CCF9AF7-541E-449C-AB6A-84D81FAEBB7D} URL = http://www.pagessyndication.com/google/?q={searchTerms}&lang=English (United States)
SearchScopes: HKCU - {7A4DE510-3CE2-4987-9680-8F89BBCE4D04} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291325&CUI=UN42797670142903319&UM=2
SearchScopes: HKCU - {7DA08DB5-FDF3-4960-A7C4-C94C2D9E9B3E} URL = http://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=en&q={searchTerms}&gu=fba09566fa924e96903544269bf182f2&tu=10OWz00DB2B0CO0&sku=&tstsId=&ver=&&r=930
SearchScopes: HKCU - {C5E13688-86AA-46B9-AB27-0D2C86CFC38B} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Password Depot 6 - {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - C:\Program Files (x86)\AceBIT\Password Depot 6\pdIEAddOn64.dll (AceBIT)
BHO-x32: VIPTToolbarManager Class - {1A2641AE-2C42-4C51-A05F-8ECEC3FDC94D} - No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Password Depot 6 - {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - C:\Program Files (x86)\AceBIT\Password Depot 6\pdIEAddOn32.dll (AceBIT)
BHO-x32: XBTB01629 Class - {B4AA87D3-AFA8-4193-9DF1-F35C37391E89} - C:\Program Files (x86)\IEToolbar\BargainChecker.com Typo Finder Toolbar\tbcore3.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {E70C26AE-DFF1-40A8-8D37-19180F56F0AA} - No File
Toolbar: HKLM-x32 - BargainChecker.com Toolbar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files (x86)\IEToolbar\BargainChecker.com Typo Finder Toolbar\tbcore3.dll ()
Toolbar: HKCU - No Name - {B7D3E479-CC68-42B5-A338-938ECE35F419} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1
FireFox:
========
FF ProfilePath: C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: hxxp://www.ighome.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\rac\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF user.js: detected! => C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\searchplugins\torrent-metasearch.xml
FF SearchPlugin: C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\searchplugins\torrentfinder.xml
FF SearchPlugin: C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\searchplugins\torrents-search.xml
FF Extension: Ant Video Downloader - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\anttoolbar@ant.com [2014-05-14]
FF Extension: Form History Control - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\formhistory@yahoo.com [2014-04-23]
FF Extension: Autofill Forms - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\autofillForms@blueimp.net.xpi [2013-10-16]
FF Extension: Ghostery - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\firefox@ghostery.com.xpi [2013-10-16]
FF Extension: Google Search by Image - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\google@hitachi.com.xpi [2013-10-16]
FF Extension: Heartbleed Notifier - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\heartbleed@dactyl.googlecode.com.xpi [2014-04-28]
FF Extension: Better Torrent - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\jid0-HVSBDzuc3UFGvmtex3x0IZzgCM8@jetpack.xpi [2013-10-16]
FF Extension: fxbleed - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\jid1-eMhaOaq3SPBFDg@jetpack.xpi [2014-04-28]
FF Extension: FoxBleed - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\jid1-Ni8A2ixlGmYBiw@jetpack.xpi [2014-04-22]
FF Extension: DuckDuckGo Plus - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2013-10-16]
FF Extension: Blingee Toolbar - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\{6226BA26-C017-4007-928C-DE9715C6FA67}.xpi [2014-02-13]
FF Extension: StumbleUpon - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-10-16]
FF Extension: Pixlr Grabber - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\hqfvgtvg.default-1381947743664\Extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi [2013-10-16]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [passworddepot@acebit.com] - C:\Program Files (x86)\AceBIT\Password Depot 6\Firefox\
FF Extension: Password Depot Extension - C:\Program Files (x86)\AceBIT\Password Depot 6\Firefox\ []
Chrome:
=======
CHR DefaultSearchProvider: Search By ZoneAlarm
CHR DefaultSearchURL: http://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=en&q={searchTerms}&gu=fba09566fa924e96903544269bf182f2&tu=10OWz00DB2B0CO0&sku=&tstsId=&ver=&
CHR Extension: (ggrEatsoAveer) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcpjjhmapbadgjlgfmkkbpbpiomladcd [2013-12-25]
CHR HKLM\...\Chrome\Extension: [blcefchbfgmakifmejncnbognjoadloc] - C:\Program Files\CoolPic - Fun Social Pictures\source.crx [2013-12-25]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\rac\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-12-25]
CHR HKLM-x32\...\Chrome\Extension: [blcefchbfgmakifmejncnbognjoadloc] - C:\Program Files\CoolPic - Fun Social Pictures\source.crx [2013-12-25]
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx [2013-12-25]
CHR HKLM-x32\...\Chrome\Extension: [gnfaiijpfcmdehcgcnnippmnhjjnbllp] - C:\Program Files (x86)\Blingee Plus\blingee_plus_nt.crx [2013-12-25]
CHR HKLM-x32\...\Chrome\Extension: [imkcgcjpeajeajpcpbdbgbknfaijnpdc] - C:\Program Files (x86)\AceBIT\Password Depot 6\crx.crx [2012-10-22]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2012-10-22]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [355112 2012-11-29] ()
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [162648 2012-03-16] (Intel Corporation)
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation)
R2 MessengerPlus; C:\Program Files\Yuna Software\Messenger Plus! for Skype\Messenger Plus! Ptc\MsgGuard.exe [7275376 2014-04-01] (MessengerPlus®)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 OpenVPNAccessClient; C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [24064 2010-08-12] ()
R2 QuickPDFTCPService0721; C:\Program Files (x86)\Quick PDF Tools Pro\QuickPDFTCP0721.exe [1918464 2010-08-13] (Debenu Pty Ltd)
R2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Express\ReiGuard.exe [5100392 2014-01-15] (Reimage®)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-04-25] (Check Point Software Technologies Ltd.)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [76960 2012-02-27] (Atheros)
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
==================== Drivers (Whitelisted) ====================
S4 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2014-01-14] (Emsisoft GmbH)
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-11-30] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-11-30] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-11-30] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-11-30] (LG Electronics Inc.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-04-13] (Glarysoft Ltd)
R3 cleanhlp; C:\EEK\RUN\cleanhlp64.sys [57024 2014-01-14] (Emsisoft GmbH)
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs)
S3 jumi; C:\Windows\System32\DRIVERS\jumi.sys [15160 2010-06-03] (Windows ® Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-02-05] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-02-05] (RapidSolution Software AG)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2011-02-14] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2011-02-14] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2011-02-14] (LG Electronics Inc.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450968 2014-04-24] (Check Point Software Technologies Ltd.)
S3 vwhid; C:\Windows\System32\DRIVERS\vwhid.sys [27296 2013-01-27] (Windows ® Win 7 DDK provider)
S3 vzandnetadb; C:\Windows\System32\Drivers\lgvzandnetadb.sys [31744 2012-03-12] (Google Inc)
S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys [29696 2012-03-12] (LG Electronics Inc.)
S3 vzandnetgps; C:\Windows\System32\DRIVERS\lgvzandnetgps64.sys [28672 2012-03-12] (LG Electronics Inc.)
S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys [36864 2012-03-12] (LG Electronics Inc.)
S3 vzandnetndis; C:\Windows\System32\DRIVERS\lgvzandnetndis64.sys [94208 2012-03-12] (LG Electronics Inc.)
R1 xlkfs; C:\Windows\System32\DRIVERS\xlkfs.sys [30456 2012-05-04] (XOSLAB.COM)
U3 DfSdkS;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-01 02:53 - 2014-06-01 02:53 - 00026664 _____ () C:\Users\rac\Desktop\FRST.txt
2014-06-01 02:52 - 2014-06-01 02:53 - 00000000 ____D () C:\FRST
2014-06-01 02:46 - 2014-06-01 02:46 - 02067456 _____ (Farbar) C:\Users\rac\Desktop\FRST64.exe
2014-05-31 20:32 - 2014-05-31 20:32 - 00001046 _____ () C:\Users\rac\Desktop\Video Watermark Maker.lnk
2014-05-31 20:32 - 2014-05-31 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Watermark Maker
2014-05-31 20:32 - 2014-05-31 20:32 - 00000000 ____D () C:\Program Files (x86)\Video Watermark Maker
2014-05-31 20:31 - 2014-05-31 20:31 - 10722008 _____ (SoftOrbits ) C:\Users\rac\Downloads\WatermarkMaker-bdj-June2014.exe
2014-05-30 11:21 - 2014-05-31 11:22 - 00000000 ____D () C:\Users\rac\AppData\Local\Deployment
2014-05-30 11:21 - 2014-05-30 11:24 - 00000000 ____D () C:\Users\rac\AppData\Local\Picturelife
2014-05-30 11:21 - 2014-05-30 11:21 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Picturelife, Inc
2014-05-30 11:20 - 2014-05-30 11:20 - 00484872 _____ () C:\Users\rac\Downloads\picturelifesetup.exe
2014-05-30 02:07 - 2014-05-30 02:07 - 00000000 ____D () C:\Program Files (x86)\IEToolbar
2014-05-30 01:58 - 2014-05-30 01:58 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-BargainChecker_Misspelled_eBay_Toolbar-ORG-10571182.exe
2014-05-30 00:38 - 2014-05-31 09:00 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Listomax
2014-05-30 00:38 - 2014-05-30 00:38 - 00001061 _____ () C:\Users\rac\Desktop\Listomax.lnk
2014-05-30 00:38 - 2014-05-30 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Listomax
2014-05-30 00:37 - 2014-05-30 00:38 - 00000000 ____D () C:\Program Files (x86)\Listomax
2014-05-30 00:21 - 2014-05-30 00:21 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-Listomax-ORG-10776855.exe
2014-05-29 23:57 - 2014-05-29 23:59 - 17834191 _____ () C:\Users\rac\Downloads\Setup_All4Bay_Windows.jar
2014-05-29 23:44 - 2014-05-29 23:46 - 00000000 ____D () C:\Program Files (x86)\Ebay Ad Maker
2014-05-29 23:44 - 2014-05-29 23:44 - 00001129 _____ () C:\Users\rac\Desktop\Ebay Ad Maker.lnk
2014-05-29 23:44 - 2014-05-29 23:44 - 00000000 __HDC () C:\Users\rac\AppData\Local\{92C66493-964D-4407-BBFC-5D4A541F755B}
2014-05-29 23:44 - 2014-05-29 23:44 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ebay Ad Maker
2014-05-29 23:43 - 2011-04-26 19:10 - 03274163 _____ (www.hiddentools.com ) C:\Users\rac\Downloads\Ebay Ad Maker.exe
2014-05-29 23:42 - 2014-05-29 23:42 - 03127356 _____ () C:\Users\rac\Downloads\ebay-ad-maker.zip
2014-05-29 23:36 - 2014-05-30 00:17 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-All4Bay-ORG-75335644.exe
2014-05-29 23:36 - 2014-05-29 23:36 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-Ebay_Ad_Maker-ORG-75451337.exe
2014-05-29 04:07 - 2014-05-29 04:07 - 00000000 ____D () C:\Users\rac\AppData\Roaming\com.StudioCloud.Desktop.3
2014-05-29 04:02 - 2014-05-29 04:02 - 00000959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StudioCloud 3.0.lnk
2014-05-29 04:02 - 2014-05-29 04:02 - 00000947 _____ () C:\Users\Public\Desktop\StudioCloud 3.0.lnk
2014-05-29 04:02 - 2014-05-29 04:02 - 00000947 _____ () C:\ProgramData\Desktop\StudioCloud 3.0.lnk
2014-05-29 04:02 - 2014-05-29 04:02 - 00000036 _____ () C:\Users\rac\.StudioCloudDesktop.log
2014-05-29 04:02 - 2014-05-29 04:02 - 00000000 ____D () C:\Users\rac\Documents\StudioCloud Invoices
2014-05-29 04:02 - 2014-05-29 04:02 - 00000000 ____D () C:\Users\rac\AppData\Roaming\com.StudioCloud.Desktop.3.F2DAE273367737D97F8409B8C86CCCEDC39FC38E.1
2014-05-29 04:02 - 2014-05-29 04:02 - 00000000 ____D () C:\Program Files (x86)\StudioCloud 3.0
2014-05-29 03:58 - 2014-05-29 03:59 - 12239247 _____ () C:\Users\rac\Downloads\StudioCloudDesktop.air
2014-05-29 01:19 - 2014-05-29 01:19 - 15940496 _____ (Palmer Products, Inc.) C:\Users\rac\Downloads\rbprog.exe
2014-05-29 00:01 - 2014-05-29 00:12 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gazelle
2014-05-28 23:51 - 2014-05-28 23:51 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-Gazelle_PointofSale-ORG-75651192.exe
2014-05-28 20:21 - 2014-05-28 20:23 - 21125569 _____ (Monely) C:\Users\rac\Downloads\monely_free.exe
2014-05-28 20:20 - 2014-05-28 23:53 - 00000000 ____D () C:\ProgramData\firebird
2014-05-28 20:17 - 2014-05-28 20:17 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-Monely_Free-ORG-75683373.exe
2014-05-28 20:12 - 2014-05-31 11:02 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-05-28 20:11 - 2012-09-07 13:39 - 00114688 _____ () C:\Windows\SysWOW64\TrialWareKillProcMFC.dll
2014-05-28 20:10 - 2012-09-07 13:39 - 00704512 _____ () C:\Windows\SysWOW64\KTSUtils.dll
2014-05-28 20:10 - 2012-09-07 13:39 - 00204800 _____ () C:\Windows\SysWOW64\KTSDataUtils.dll
2014-05-28 20:10 - 2012-09-07 13:39 - 00163840 _____ () C:\Windows\SysWOW64\KTSPrinterUtilities.dll
2014-05-28 20:10 - 2012-09-07 13:39 - 00114688 _____ () C:\Windows\SysWOW64\KTSInnoTools.dll
2014-05-28 20:10 - 2012-09-07 13:39 - 00057344 _____ () C:\Windows\SysWOW64\CaptureImageLib.dll
2014-05-28 20:06 - 2014-05-28 20:06 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-SalesMate_-ORG-192378.exe
2014-05-28 18:35 - 2014-05-28 18:35 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-PowerIMS-ORG-75305599.exe
2014-05-28 18:18 - 2014-05-28 18:18 - 00000000 ____D () C:\ProgramData\inFlow Inventory
2014-05-28 18:12 - 2014-05-28 18:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-28 18:08 - 2014-05-28 18:08 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-28 18:08 - 2014-05-28 18:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-28 18:01 - 2014-05-28 18:01 - 00970744 _____ (Archon Systems Inc.) C:\Users\rac\Downloads\inFlowInstaller.exe
2014-05-28 17:51 - 2014-05-28 17:51 - 00000000 __HDC () C:\ProgramData\{02C16897-8E86-43DC-B9D2-D30A7FC4AED4}
2014-05-28 17:49 - 2014-05-28 17:50 - 09668538 _____ (e-novations (London) Ltd ) C:\Users\rac\Downloads\emperium_retail_web.exe
2014-05-28 17:32 - 2014-05-28 17:44 - 00000000 _____ () C:\Users\rac\Documents\control.txt
2014-05-28 17:28 - 2014-05-28 17:28 - 00000000 ____D () C:\Users\rac\AppData\Local\Microsoft Help
2014-05-28 17:27 - 2014-05-28 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-28 17:26 - 2014-05-28 17:48 - 00000000 ____D () C:\AlmytaSystems
2014-05-28 17:26 - 2014-05-28 17:26 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-05-28 17:25 - 2014-05-28 17:25 - 00000000 ____D () C:\Users\rac\Downloads\Files
2014-05-28 17:14 - 2014-05-28 17:17 - 77136384 _____ () C:\Users\rac\Downloads\ABC_Inventory_Software_Package.exe
2014-05-28 16:35 - 2014-05-28 16:35 - 00001412 _____ () C:\Users\Public\Desktop\Kingsoft Writer.lnk
2014-05-28 16:35 - 2014-05-28 16:35 - 00001412 _____ () C:\ProgramData\Desktop\Kingsoft Writer.lnk
2014-05-28 16:35 - 2014-05-28 16:35 - 00001410 _____ () C:\Users\Public\Desktop\Kingsoft Presentation.lnk
2014-05-28 16:35 - 2014-05-28 16:35 - 00001410 _____ () C:\ProgramData\Desktop\Kingsoft Presentation.lnk
2014-05-28 16:35 - 2014-05-28 16:35 - 00001391 _____ () C:\Users\Public\Desktop\Kingsoft Spreadsheets.lnk
2014-05-28 16:35 - 2014-05-28 16:35 - 00001391 _____ () C:\ProgramData\Desktop\Kingsoft Spreadsheets.lnk
2014-05-28 16:35 - 2014-05-28 16:35 - 00000370 _____ () C:\Windows\Tasks\WpsUpdateTask_rac.job
2014-05-28 16:35 - 2014-05-28 16:35 - 00000370 _____ () C:\Windows\Tasks\WpsNotifyTask_rac.job
2014-05-28 16:34 - 2014-05-28 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingsoft Office
2014-05-28 14:33 - 2014-05-28 14:36 - 64358488 _____ (Kingsoft Corp. Ltd.) C:\Users\rac\Downloads\kso2013_9.1.0.4560_pro_giveaway_21.132.exe
2014-05-27 19:51 - 2014-05-27 19:51 - 00019921 _____ () C:\Users\rac\Documents\contact_20140527_195146.csv
2014-05-27 19:51 - 2014-05-27 19:51 - 00008799 _____ () C:\Users\rac\Documents\contact_20140527_195146.txt
2014-05-27 19:49 - 2014-05-27 19:49 - 00365446 _____ () C:\Users\rac\Documents\sms_20140527_194918.txt
2014-05-27 19:46 - 2014-05-27 19:46 - 00000000 _____ () C:\Users\rac\Documents\sms_20140527_194643.txt
2014-05-27 19:41 - 2014-05-27 19:41 - 00000110 ____H () C:\Users\rac\Desktop\DSCN5338.JPG.uid-zps
2014-05-26 08:09 - 2014-06-01 02:31 - 00001120 _____ () C:\Windows\setupact.log
2014-05-26 08:09 - 2014-05-26 08:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-25 23:42 - 2014-05-25 23:42 - 00002200 _____ () C:\Users\rac\Desktop\Folder Scout.lnk
2014-05-25 23:42 - 2014-05-25 23:42 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Folder Scout Labs
2014-05-25 23:42 - 2014-05-25 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Scout
2014-05-25 23:42 - 2014-05-25 23:42 - 00000000 ____D () C:\ProgramData\Folder Scout Labs
2014-05-25 23:42 - 2014-05-25 23:42 - 00000000 ____D () C:\Program Files (x86)\Folder Scout Labs
2014-05-25 23:41 - 2014-05-25 23:42 - 03446398 _____ (Folder Scout Labs ) C:\Users\rac\Downloads\Folder_Scout_Setup_1.3.2.217.BDJ.exe
2014-05-25 23:35 - 2014-05-25 23:35 - 00001282 _____ () C:\Users\Public\Desktop\PhoneTrans Pro.lnk
2014-05-25 23:35 - 2014-05-25 23:35 - 00001282 _____ () C:\ProgramData\Desktop\PhoneTrans Pro.lnk
2014-05-25 23:35 - 2014-05-25 23:35 - 00000000 ____D () C:\Users\rac\AppData\Roaming\iMobie
2014-05-25 23:35 - 2014-05-25 23:35 - 00000000 ____D () C:\Users\rac\AppData\Local\iMobie_Inc
2014-05-25 23:35 - 2014-05-25 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2014-05-25 23:35 - 2014-05-25 23:35 - 00000000 ____D () C:\Program Files (x86)\iMobie
2014-05-25 23:33 - 2014-05-25 23:34 - 14815512 _____ (iMobie Inc. ) C:\Users\rac\Downloads\phonetrans-pro-setup.exe
2014-05-24 17:55 - 2014-05-28 17:01 - 00000000 ____D () C:\Users\rac\Desktop\ebay invoice backup
2014-05-24 17:48 - 2014-05-28 17:01 - 00000000 ____D () C:\POS
2014-05-24 15:21 - 2014-05-24 15:21 - 00001161 _____ () C:\Users\Public\Desktop\Greeting Card Builder.lnk
2014-05-24 15:21 - 2014-05-24 15:21 - 00001161 _____ () C:\ProgramData\Desktop\Greeting Card Builder.lnk
2014-05-24 15:21 - 2014-05-24 15:21 - 00000000 ____D () C:\Users\rac\AppData\Roaming\PearlMountainSoft
2014-05-24 15:21 - 2014-05-24 15:21 - 00000000 ____D () C:\Users\Public\Documents\PearlMountainSoft
2014-05-24 15:21 - 2014-05-24 15:21 - 00000000 ____D () C:\ProgramData\PearlMountainSoft
2014-05-24 15:21 - 2014-05-24 15:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greeting Card Builder
2014-05-24 15:21 - 2014-05-24 15:21 - 00000000 ____D () C:\ProgramData\Documents\PearlMountainSoft
2014-05-24 15:21 - 2014-05-24 15:21 - 00000000 ____D () C:\Program Files (x86)\Greeting Card Builder
2014-05-24 15:12 - 2014-05-24 15:16 - 75675259 _____ (PearlMountain Technology Co., Ltd ) C:\Users\rac\Downloads\GreetingCardBuilder_Setup.exe
2014-05-24 15:10 - 2014-05-24 15:10 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-POS_MAID-SEO-10555676.exe
2014-05-24 00:29 - 2014-05-24 00:33 - 00000000 ____D () C:\Users\rac\Desktop\New folder
2014-05-23 13:27 - 2014-05-26 01:20 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Blue Jet Button
2014-05-23 13:26 - 2014-05-23 13:26 - 00001033 _____ () C:\Users\rac\Desktop\Blue Jet Button.lnk
2014-05-23 13:26 - 2014-05-23 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Jet Button
2014-05-23 13:26 - 2014-05-23 13:26 - 00000000 ____D () C:\Program Files (x86)\Blue Jet Button
2014-05-23 13:24 - 2014-05-23 13:24 - 00000000 ____D () C:\Users\rac\Downloads\bluejetbuttonv2.2
2014-05-23 13:23 - 2014-05-23 13:23 - 01289633 _____ () C:\Users\rac\Downloads\bluejetbuttonv2.2.zip
2014-05-21 07:24 - 2014-05-21 07:24 - 00000000 ____D () C:\Users\rac\Documents\Streaming Video Recorder
2014-05-21 01:14 - 2014-05-21 01:14 - 00095127 _____ () C:\Users\rac\Desktop\colin3
2014-05-21 01:12 - 2014-05-21 01:12 - 00096044 _____ () C:\Users\rac\Desktop\colin2
2014-05-20 23:12 - 2014-05-20 23:12 - 00001273 _____ () C:\Users\rac\Desktop\Aimersoft PDF Password Remover.lnk
2014-05-20 23:12 - 2014-05-20 23:12 - 00000000 ____D () C:\Users\rac\Documents\Aimersoft PDF Password Remover
2014-05-20 23:12 - 2014-05-20 23:12 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Aimersoft
2014-05-20 23:12 - 2014-05-20 23:12 - 00000000 ____D () C:\Users\rac\AppData\Local\Aimersoft
2014-05-20 23:12 - 2014-05-20 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aimersoft
2014-05-20 23:11 - 2014-05-20 23:11 - 00000000 ____D () C:\Program Files (x86)\Aimersoft
2014-05-20 23:08 - 2014-05-20 23:09 - 11458741 _____ (Aimersoft Software ) C:\Users\rac\Downloads\aimer-pdf-password-remover_full1682.exe
2014-05-20 22:13 - 2014-05-20 22:13 - 03383208 _____ (Check Point Software Technologies Ltd.) C:\Users\rac\Downloads\zafwSetupWeb_131_211_000.exe
2014-05-18 15:24 - 2014-05-18 15:30 - 65363968 _____ () C:\Users\rac\Downloads\eppb_setup_en.msi
2014-05-18 15:24 - 2014-05-18 15:28 - 50606080 _____ () C:\Users\rac\Downloads\edpr_setup_en.msi
2014-05-18 15:23 - 2014-05-18 15:23 - 00097819 _____ () C:\Users\rac\Downloads\lhc.zip
2014-05-18 15:17 - 2014-05-18 15:17 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft
2014-05-18 14:59 - 2014-05-18 14:59 - 15034880 _____ () C:\Users\rac\Downloads\einpb_setup_en.msi
2014-05-18 14:56 - 2014-05-29 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-05-18 14:56 - 2014-05-18 14:56 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-05-18 14:53 - 2014-05-18 14:53 - 05154304 _____ () C:\Users\rac\Downloads\fpe_setup_en.msi
2014-05-18 14:08 - 2014-05-18 14:08 - 01905980 _____ () C:\Users\rac\Downloads\FacebookPasswordDecryptor.zip
2014-05-18 09:39 - 2014-05-18 09:39 - 00000000 ____D () C:\Users\rac\Downloads\un extract
2014-05-18 00:41 - 2014-05-18 00:42 - 15330822 _____ () C:\Users\rac\Downloads\AllMediaGrabberStandard62.zip
2014-05-18 00:30 - 2014-05-18 00:31 - 00000000 ____D () C:\Users\rac\Desktop\126158304925161
2014-05-17 10:20 - 2014-05-17 10:23 - 63310856 _____ (ZONER software ) C:\Users\rac\Downloads\zps15_en.exe
2014-05-17 10:14 - 2014-05-17 10:14 - 00001882 _____ () C:\Users\Public\Desktop\Zoner Photo Studio 15.lnk
2014-05-17 10:14 - 2014-05-17 10:14 - 00001882 _____ () C:\Users\Public\Desktop\Zoner Photo Studio 15 x64.lnk
2014-05-17 10:14 - 2014-05-17 10:14 - 00001882 _____ () C:\ProgramData\Desktop\Zoner Photo Studio 15.lnk
2014-05-17 10:14 - 2014-05-17 10:14 - 00001882 _____ () C:\ProgramData\Desktop\Zoner Photo Studio 15 x64.lnk
2014-05-17 10:14 - 2014-05-17 10:14 - 00000000 ____D () C:\Users\rac\Documents\ZPS15
2014-05-17 10:14 - 2014-05-17 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 15
2014-05-17 09:06 - 2014-05-17 09:09 - 63306472 _____ (ZONER software ) C:\Users\rac\Downloads\zps15_en_pro_cnet.exe
2014-05-16 13:29 - 2014-06-01 00:10 - 00000304 _____ () C:\Windows\system32\TemporarFileConfiguration
2014-05-15 08:23 - 2014-05-15 08:23 - 00001102 _____ () C:\Users\rac\Desktop\Universal Extractor.lnk
2014-05-15 08:23 - 2014-05-15 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Extractor
2014-05-15 08:23 - 2014-05-15 08:23 - 00000000 ____D () C:\Program Files (x86)\Universal Extractor
2014-05-15 08:21 - 2014-05-15 08:21 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-Universal_Extractor-ORG-75449770.exe
2014-05-15 08:07 - 2014-05-15 08:08 - 00000000 ____D () C:\Users\rac\Anvsoft Flash SlideShow Maker Professional v5.10 + Keygen
2014-05-14 22:01 - 2014-05-14 22:01 - 00001058 _____ () C:\Users\rac\Desktop\EximiousSoft Banner Maker v5.25.lnk
2014-05-14 22:01 - 2014-05-14 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EximiousSoft Banner Maker 5.25
2014-05-14 21:59 - 2014-05-14 22:01 - 00000000 ____D () C:\Program Files (x86)\Banner Maker
2014-05-14 21:58 - 2014-05-14 21:59 - 18375917 _____ (EximiousSoft ) C:\Users\rac\Downloads\EBSetup.exe
2014-05-14 21:48 - 2014-05-14 21:48 - 00001264 _____ () C:\Users\rac\Desktop\Flash Banner Maker Trial.lnk
2014-05-14 21:48 - 2014-05-14 21:48 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-05-14 21:48 - 2014-05-14 21:48 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2014-05-14 21:47 - 2014-05-14 21:47 - 02809328 _____ () C:\Users\rac\Downloads\setup_flash_banner_maker.exe
2014-05-12 10:44 - 2014-05-12 10:44 - 00001981 _____ () C:\Users\Public\Desktop\Zoom Player PRO.lnk
2014-05-12 10:44 - 2014-05-12 10:44 - 00001981 _____ () C:\ProgramData\Desktop\Zoom Player PRO.lnk
2014-05-12 10:44 - 2014-05-12 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom Player
2014-05-12 10:43 - 2014-05-24 01:05 - 00000000 ____D () C:\ProgramData\Zoom Player
2014-05-12 10:04 - 2014-05-12 10:04 - 00000000 ____D () C:\Users\rac\Downloads\ZoomPlayerPro902
2014-05-12 10:01 - 2014-05-12 10:03 - 21300613 _____ () C:\Users\rac\Downloads\ZoomPlayerPro902.zip
2014-05-11 13:48 - 2014-05-11 13:48 - 00001125 _____ () C:\Users\Public\Desktop\FastStone Photo Resizer.lnk
2014-05-11 13:48 - 2014-05-11 13:48 - 00001125 _____ () C:\ProgramData\Desktop\FastStone Photo Resizer.lnk
2014-05-11 13:48 - 2014-05-11 13:48 - 00000000 ____D () C:\Users\rac\AppData\Roaming\FastStone
2014-05-11 13:48 - 2014-05-11 13:48 - 00000000 ____D () C:\Users\rac\AppData\Local\FastStone
2014-05-11 13:48 - 2014-05-11 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer
2014-05-11 13:48 - 2014-05-11 13:48 - 00000000 ____D () C:\Program Files (x86)\FastStone Photo Resizer
2014-05-11 13:47 - 2014-05-11 13:47 - 01522679 _____ () C:\Users\rac\Downloads\FSResizerSetup32.exe
2014-05-09 22:51 - 2014-05-09 22:51 - 00001929 _____ () C:\Users\Public\Desktop\Perfect Effects 8.lnk
2014-05-09 22:51 - 2014-05-09 22:51 - 00001929 _____ () C:\ProgramData\Desktop\Perfect Effects 8.lnk
2014-05-09 22:51 - 2014-05-09 22:51 - 00000000 ____D () C:\Users\rac\AppData\Roaming\onOne Software
2014-05-09 22:51 - 2014-05-09 22:51 - 00000000 ____D () C:\ProgramData\Nalpeiron
2014-05-09 22:50 - 2014-05-09 22:50 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-05-09 22:50 - 2014-05-09 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2014-05-09 22:50 - 2014-05-09 22:50 - 00000000 ____D () C:\Program Files\onOne Software
2014-05-09 22:50 - 2014-05-09 22:50 - 00000000 ____D () C:\Program Files (x86)\onOne Software
2014-05-09 22:50 - 2014-01-23 13:53 - 00070768 _____ (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
2014-05-09 22:50 - 2014-01-23 13:53 - 00070768 _____ (Nalpeiron Ltd.) C:\Windows\system32\nlssrv32.exe
2014-05-09 22:49 - 2014-05-09 22:50 - 00000000 ____D () C:\ProgramData\onOne Software
2014-05-09 17:05 - 2014-05-09 17:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 15:02 - 2014-05-09 15:15 - 276555368 _____ (onOne Software) C:\Users\rac\Downloads\Perfect_Effects_8.1.0_PE.exe
2014-05-08 22:31 - 2014-05-08 22:38 - 148885840 _____ (Apple Inc.) C:\Users\rac\Downloads\iTunes64Setup.exe
2014-05-08 21:49 - 2014-05-08 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-08 21:48 - 2014-05-08 21:49 - 00000000 ____D () C:\Program Files\iTunes
2014-05-08 21:48 - 2014-05-08 21:49 - 00000000 ____D () C:\Program Files\iPod
2014-05-08 21:48 - 2014-05-08 21:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-05-08 21:48 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-05-08 21:47 - 2014-05-08 21:48 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-08 20:40 - 2014-05-08 20:40 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-05-08 20:40 - 2014-05-08 20:40 - 00001849 _____ () C:\ProgramData\Desktop\QuickTime Player.lnk
2014-05-08 20:40 - 2014-05-08 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-08 19:43 - 2014-05-08 19:54 - 235613936 _____ (DxO Labs) C:\Users\rac\Downloads\DxO_ViewPoint_Setup.exe
2014-05-08 10:01 - 2014-05-08 10:01 - 00000000 _____ () C:\Users\rac\Documents\sms_20140508_100117.txt
2014-05-08 09:58 - 2014-05-08 09:58 - 00000000 _____ () C:\Users\rac\Documents\sms_20140508_095850.txt
2014-05-08 00:15 - 2014-05-08 00:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6a8d3d873ede.job
2014-05-04 18:28 - 2014-05-14 16:30 - 00000895 _____ () C:\Users\rac\Desktop\File Shredder.lnk
2014-05-04 18:28 - 2014-05-04 18:28 - 00000000 ____D () C:\Program Files\File Shredder
2014-05-04 08:57 - 2014-05-04 08:57 - 00000000 ____D () C:\Users\rac\Documents\ZPS14
2014-05-04 00:25 - 2014-05-04 00:25 - 00000550 _____ () C:\Users\rac\Desktop\Emsisoft Emergency Kit.lnk
2014-05-04 00:24 - 2014-05-04 00:25 - 00000000 ____D () C:\EEK
2014-05-03 22:12 - 2014-05-03 22:14 - 00000000 ____D () C:\Users\rac\Desktop\NEED ORGANIZE
2014-05-03 20:38 - 2014-05-03 20:38 - 00000000 ____D () C:\Users\rac\Documents\Serif
2014-05-03 20:20 - 2014-05-03 20:24 - 00000000 ____D () C:\Users\rac\Documents\Sciences
2014-05-03 20:17 - 2014-05-03 21:09 - 00000000 ____D () C:\Users\rac\Documents\Relationship and help
2014-05-02 15:38 - 2014-05-02 15:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-02 15:38 - 2014-05-02 15:38 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-02 15:38 - 2014-05-02 15:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-02 15:38 - 2014-05-02 15:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-02 15:38 - 2014-05-02 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
==================== One Month Modified Files and Folders =======
2014-06-01 02:53 - 2014-06-01 02:53 - 00026664 _____ () C:\Users\rac\Desktop\FRST.txt
2014-06-01 02:53 - 2014-06-01 02:52 - 00000000 ____D () C:\FRST
2014-06-01 02:53 - 2012-06-30 23:50 - 00000000 ____D () C:\Users\rac\AppData\Local\Temp
2014-06-01 02:46 - 2014-06-01 02:46 - 02067456 _____ (Farbar) C:\Users\rac\Desktop\FRST64.exe
2014-06-01 02:31 - 2014-05-26 08:09 - 00001120 _____ () C:\Windows\setupact.log
2014-06-01 02:31 - 2012-12-23 06:26 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-01 02:31 - 2012-04-29 19:12 - 02077430 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 00:10 - 2014-05-16 13:29 - 00000304 _____ () C:\Windows\system32\TemporarFileConfiguration
2014-05-31 23:28 - 2014-04-01 16:06 - 00000000 ____D () C:\Users\rac\Desktop\newebay
2014-05-31 20:32 - 2014-05-31 20:32 - 00001046 _____ () C:\Users\rac\Desktop\Video Watermark Maker.lnk
2014-05-31 20:32 - 2014-05-31 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Watermark Maker
2014-05-31 20:32 - 2014-05-31 20:32 - 00000000 ____D () C:\Program Files (x86)\Video Watermark Maker
2014-05-31 20:31 - 2014-05-31 20:31 - 10722008 _____ (SoftOrbits ) C:\Users\rac\Downloads\WatermarkMaker-bdj-June2014.exe
2014-05-31 12:02 - 2012-04-29 19:14 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-05-31 11:22 - 2014-05-30 11:21 - 00000000 ____D () C:\Users\rac\AppData\Local\Deployment
2014-05-31 11:02 - 2014-05-28 20:12 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-05-31 09:00 - 2014-05-30 00:38 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Listomax
2014-05-31 00:13 - 2014-03-16 12:28 - 00006362 _____ () C:\Windows\system32\ScanResults.xml
2014-05-31 00:11 - 2014-03-16 12:26 - 00001056 _____ () C:\Windows\system32\SettingsFile
2014-05-30 11:24 - 2014-05-30 11:21 - 00000000 ____D () C:\Users\rac\AppData\Local\Picturelife
2014-05-30 11:24 - 2012-06-30 23:51 - 00000000 ___RD () C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 11:21 - 2014-05-30 11:21 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Picturelife, Inc
2014-05-30 11:21 - 2014-04-04 11:22 - 00000000 ____D () C:\Users\rac\AppData\Local\Apps\2.0
2014-05-30 11:20 - 2014-05-30 11:20 - 00484872 _____ () C:\Users\rac\Downloads\picturelifesetup.exe
2014-05-30 02:07 - 2014-05-30 02:07 - 00000000 ____D () C:\Program Files (x86)\IEToolbar
2014-05-30 01:58 - 2014-05-30 01:58 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-BargainChecker_Misspelled_eBay_Toolbar-ORG-10571182.exe
2014-05-30 00:38 - 2014-05-30 00:38 - 00001061 _____ () C:\Users\rac\Desktop\Listomax.lnk
2014-05-30 00:38 - 2014-05-30 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Listomax
2014-05-30 00:38 - 2014-05-30 00:37 - 00000000 ____D () C:\Program Files (x86)\Listomax
2014-05-30 00:33 - 2014-03-28 01:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 00:31 - 2012-04-04 00:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-30 00:28 - 2012-11-12 18:35 - 00000000 ____D () C:\Program Files (x86)\Leawo
2014-05-30 00:21 - 2014-05-30 00:21 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-Listomax-ORG-10776855.exe
2014-05-30 00:17 - 2014-05-29 23:36 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-All4Bay-ORG-75335644.exe
2014-05-29 23:59 - 2014-05-29 23:57 - 17834191 _____ () C:\Users\rac\Downloads\Setup_All4Bay_Windows.jar
2014-05-29 23:51 - 2007-06-13 09:24 - 00228144 _____ (Fusion Install ) C:\Users\rac\Downloads\setup.exe
2014-05-29 23:46 - 2014-05-29 23:44 - 00000000 ____D () C:\Program Files (x86)\Ebay Ad Maker
2014-05-29 23:44 - 2014-05-29 23:44 - 00001129 _____ () C:\Users\rac\Desktop\Ebay Ad Maker.lnk
2014-05-29 23:44 - 2014-05-29 23:44 - 00000000 __HDC () C:\Users\rac\AppData\Local\{92C66493-964D-4407-BBFC-5D4A541F755B}
2014-05-29 23:44 - 2014-05-29 23:44 - 00000000 ____D () C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ebay Ad Maker
2014-05-29 23:44 - 2012-06-30 23:51 - 00135536 _____ () C:\Users\rac\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-29 23:42 - 2014-05-29 23:42 - 03127356 _____ () C:\Users\rac\Downloads\ebay-ad-maker.zip
2014-05-29 23:36 - 2014-05-29 23:36 - 00929416 _____ (CNET Download.com) C:\Users\rac\Downloads\cbsidlm-cbsi188-Ebay_Ad_Maker-ORG-75451337.exe
2014-05-29 04:07 - 2014-05-29 04:07 - 00000000 ____D () C:\Users\rac\AppData\Roaming\com.Studio