HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
MountPoints2: G - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\start.exe
MountPoints2: {eae00bae-d89e-11e2-8e5d-90e6ba585629} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\start.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - C:\Program Files (x86)\FileServe Manager\FileServeBHO.dll (FileServe Limited)
C:\Program Files (x86)\FileServe Manager
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {6AA40521-14E7-4B1D-B1B4-98528C1388C9} - No File
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKCU - No Name - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No File
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=
FF SearchPlugin: C:\Users\Collyne\AppData\Roaming\Mozilla\Firefox\Profiles\gpgv2iyu.default\searchplugins\conduit.xml
C:\Users\Collyne\AppData\Roaming\Mozilla\Firefox\Profiles\gpgv2iyu.default\searchplugins\conduit.xml
FF Extension: Conduit Engine - C:\Users\Collyne\AppData\Roaming\Mozilla\Firefox\Profiles\gpgv2iyu.default\Extensions\engine@conduit.com
C:\Users\Collyne\AppData\Roaming\Mozilla\Firefox\Profiles\gpgv2iyu.default\Extensions\engine@conduit.com
FF Extension: No Name - C:\Users\Collyne\AppData\Roaming\Mozilla\Firefox\Profiles\gpgv2iyu.default\Extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
C:\Users\Collyne\AppData\Roaming\Mozilla\Firefox\Profiles\gpgv2iyu.default\Extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
FF Extension: Addons Engine - C:\Users\Collyne\AppData\Roaming\Mozilla\Firefox\Profiles\gpgv2iyu.default\Extensions\{071777e6-266a-11e3-8277-b8ac6f996f26}
C:\Users\Collyne\AppData\Roaming\Mozilla\Firefox\Profiles\gpgv2iyu.default\Extensions\{071777e6-266a-11e3-8277-b8ac6f996f26}
FF HKLM-x32\...\Firefox\Extensions: [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}] - C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox
FF Extension: No Name - C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox
C:\Program Files (x86)\SPEEDbit Video Downloader
FF HKCU\...\Firefox\Extensions: [{1266764D-FC4F-4FA7-B63B-884D53B1680F}] - C:\Users\Collyne\AppData\Roaming\NetAssistant\
FF Extension: Freeze.com NetAssistant - C:\Users\Collyne\AppData\Roaming\NetAssistant\
C:\Users\Collyne\AppData\Roaming\NetAssistant\
U4 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{6a3f89d6-8357-78a8-7618-a6ddc863dde8}\ \...\???\{6a3f89d6-8357-78a8-7618-a6ddc863dde8}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
C:\Program Files (x86)\Google\Desktop\Install
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client