CreateRestorePoint:
() C:\Program Files (x86)\08F60977-C840-42C6-A2D3-06E8FE3787F5\xtloowpkjv64.exe
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
() C:\Program Files\sarconsogulpe\sarconsogulpe.exe
BHO-x32: Idmsq Extension -> {3AA4FC9D-FB51-44a2-B09F-0457857CA7C2} -> C:\Users\Adam\AppData\Roaming\IDMSQ\idmsqext.dll [2013-10-24] (Or Interactive Ltd)
FF Extension: Internet Download Manager Squared - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\0do7p7dh.default\Extensions\idmsq@idmsq.com [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [ohenffmfbnoidogjgebadealdkecjdal] - C:\Users\Adam\AppData\Roaming\IDMSQ\IDMSQ.crx [2013-09-24]
R2 CouponarificService64; C:\Program Files (x86)\08F60977-C840-42C6-A2D3-06E8FE3787F5\xtloowpkjv64.exe [186368 2014-11-19] () [File not signed]
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [710976 2014-01-27] () [File not signed]
R2 sarconsogulpe; C:\Program Files\sarconsogulpe\sarconsogulpe.exe [868352 2014-09-17] () [File not signed]
U3 mfeapfk01; No ImagePath
U3 mfeavfk01; No ImagePath
U3 mfehidk06; No ImagePath
U3 mfencbdc01; No ImagePath
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-04-05] (StdLib)
2015-05-19 21:12 - 2014-12-10 15:24 - 00000000 ____D () C:\Program Files\Couponarific
2015-05-04 15:04 - 2014-04-06 11:16 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\IDMSQ
C:\ProgramData\DP45977C.lfl
C:\ProgramData\5I5uM44ND.dat
C:\ProgramData\n3l8iC4hq.dat
2014-03-26 18:51 - 2014-03-26 18:52 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-03-26 18:47 - 2014-03-26 18:48 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-03-26 18:48 - 2014-03-26 18:50 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-03-26 18:50 - 2014-03-26 18:51 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-03-26 18:46 - 2014-03-26 18:47 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-11-19 09:38 - 2014-11-19 09:38 - 00186368 _____ () C:\Program Files (x86)\08F60977-C840-42C6-A2D3-06E8FE3787F5\xtloowpkjv64.exe
2014-11-19 09:38 - 2014-11-19 09:38 - 00110080 _____ () C:\Program Files (x86)\08F60977-C840-42C6-A2D3-06E8FE3787F5\nfapi.dll
2014-11-19 09:38 - 2014-11-19 09:38 - 00471040 _____ () C:\Program Files (x86)\08F60977-C840-42C6-A2D3-06E8FE3787F5\ProtocolFilters.dll
2014-01-27 14:45 - 2014-01-27 14:45 - 00710976 _____ () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
2014-09-17 16:45 - 2014-09-17 16:45 - 00868352 _____ () C:\Program Files\sarconsogulpe\sarconsogulpe.exe
C:\Program Files (x86)\08F60977-C840-42C6-A2D3-06E8FE3787F5
C:\Program Files\Level Quality Watcher
C:\Program Files\sarconsogulpe
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Hosts:
EmptyTemp: