
Possible Spyware/Malware issue [Solved]



#1
1brokenpc

I am seeing highlighted text in web pages where I do not expect to see any and when I mouse over the text a pop up appears. I am also getting a lot of pop ups for random websites.

Antivirus: Microsoft Security Essentials
Other: Using MVPS HOSTS to help reduce annoying ads.
Application Removal: I have gone through add and remove programs and removed any application that I did not recognize.

Thank you in advance for your help.

OTL Log:

OTL logfile created on: 12/10/2013 3:24:49 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Desk\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.70 Gb Total Physical Memory | 0.95 Gb Available Physical Memory | 12.37% Memory free
17.70 Gb Paging File | 10.35 Gb Available in Paging File | 58.47% Paging File free
Paging file location(s): e:\pagefile.sys 10240 20480 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 59.86 Gb Free Space | 50.24% Space Free | Partition Type: NTFS
Drive D: | 596.17 Gb Total Space | 378.26 Gb Free Space | 63.45% Space Free | Partition Type: NTFS
Drive E: | 29.82 Gb Total Space | 19.69 Gb Free Space | 66.05% Space Free | Partition Type: NTFS
Drive G: | 3.73 Gb Total Space | 3.52 Gb Free Space | 94.33% Space Free | Partition Type: FAT32
Drive H: | 27.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DESK-PC | User Name: Desk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/23 13:29:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Desk\Downloads\OTL.exe
PRC - [2013/10/16 10:18:44 | 003,688,448 | ---- | M] (Adpeak, Inc.) -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe
PRC - [2013/10/15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/10/10 14:47:54 | 000,707,984 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2013/10/10 14:47:38 | 000,558,480 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/09/27 13:15:22 | 007,417,944 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2013/09/20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/09/15 13:34:06 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/09/14 02:38:54 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/09/14 02:27:52 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
PRC - [2013/09/13 10:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/26 01:28:44 | 000,357,456 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2013/02/26 01:28:26 | 000,436,304 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2013/02/26 00:30:42 | 000,087,120 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
PRC - [2013/01/22 00:52:51 | 000,169,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
PRC - [2012/12/20 05:42:34 | 000,713,816 | ---- | M] (Koninklijke Philips Electronics N.V.) -- C:\Users\Desk\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe
PRC - [2012/04/27 11:37:00 | 000,395,384 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2012/04/27 11:35:30 | 002,637,784 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2012/02/26 12:01:56 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/11/28 19:24:42 | 000,148,768 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
PRC - [2011/09/23 13:36:50 | 000,729,088 | ---- | M] (Rhapsody International Inc.) -- C:\Program Files (x86)\Rhapsody\rhaphlpr.exe
PRC - [2011/01/07 13:12:22 | 000,505,576 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/11/02 13:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/10 14:48:38 | 000,063,376 | ---- | M] () -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2013/10/10 02:22:15 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\065d1a77c70d2c1c13fce187ba67ae86\System.Windows.Forms.ni.dll
MOD - [2013/10/10 02:22:10 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/10 02:22:04 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/09/14 00:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 00:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2013/09/12 02:01:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013/08/14 02:35:54 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\954010bba8b7b74a5773695728a9da69\IAStorUtil.ni.dll
MOD - [2013/08/14 02:20:02 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 02:20:00 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 02:19:49 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/14 21:37:26 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\efe52f911d782f598ee9d886f9bc9b9a\IAStorCommon.ni.dll
MOD - [2013/07/14 21:08:34 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/11/02 13:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 13:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/12/03 14:00:40 | 000,512,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe -- (Level Quality Watcher)
SRV:64bit: - [2013/12/03 03:00:31 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/10/16 10:18:44 | 003,688,448 | ---- | M] (Adpeak, Inc.) [Auto | Running] -- C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe -- (AdpeakProxy)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/22 07:58:14 | 000,354,816 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Serviio\bin\ServiioService.exe -- (Serviio)
SRV:64bit: - [2013/01/22 00:52:51 | 000,169,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe -- (uagqecsvc)
SRV:64bit: - [2012/11/02 21:43:00 | 000,112,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\WhsMcClient.exe -- (WhsMcClient)
SRV:64bit: - [2012/11/02 21:07:28 | 000,080,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe -- (arXfrSvc)
SRV:64bit: - [2012/07/06 13:24:34 | 000,041,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe -- (ServiceProviderRegistry)
SRV:64bit: - [2012/06/11 16:00:31 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2011/11/28 19:23:30 | 001,084,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/05/18 02:33:58 | 000,510,024 | ---- | M] (Aventail Corporation) [Auto | Running] -- C:\Windows\SysNative\ngvpnmgr.exe -- (NgVpnMgr)
SRV:64bit: - [2011/03/02 14:46:44 | 000,027,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\LANConfigSvc.exe -- (LANConfig)
SRV:64bit: - [2011/03/02 14:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (WSS_ComputerBackupProviderSvc)
SRV:64bit: - [2011/03/02 14:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (SqmProviderSvc)
SRV:64bit: - [2011/03/02 14:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (providers_system)
SRV:64bit: - [2011/03/02 14:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (NotificationsProviderSvc)
SRV:64bit: - [2011/03/02 14:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (initMonitor)
SRV:64bit: - [2011/03/02 14:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (HealthAlertsSvc)
SRV:64bit: - [2011/03/02 14:46:34 | 000,228,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe -- (WSConnectorUpdate)
SRV:64bit: - [2011/01/17 15:00:50 | 000,164,520 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/20 14:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/12/06 15:48:53 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/24 12:40:40 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2013/10/24 12:40:38 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/10/20 11:18:08 | 000,517,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Downloaded Program Files\DMService.exe -- (DMService)
SRV - [2013/10/10 14:47:38 | 000,558,480 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/10/09 06:52:13 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/30 10:57:00 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2013/02/26 01:28:44 | 000,357,456 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013/02/26 01:28:26 | 000,436,304 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2013/02/26 00:30:42 | 000,087,120 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2012/10/11 15:15:30 | 000,918,680 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012/07/25 17:58:26 | 000,126,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2012/07/25 17:13:16 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/04/27 11:38:24 | 001,191,648 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012/03/19 22:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011/11/29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/24 12:41:00 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013/10/10 14:31:34 | 000,052,080 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64-6.sys -- (vpnva)
DRV:64bit: - [2013/10/10 14:29:26 | 000,112,496 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/08/20 02:00:14 | 000,294,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:64bit: - [2013/07/31 04:23:57 | 000,139,352 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2013/07/04 18:13:01 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2013/07/04 18:12:38 | 000,210,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2013/07/04 18:12:31 | 000,275,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2013/07/04 18:12:31 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53)
DRV:64bit: - [2013/05/13 14:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2013/05/02 11:48:10 | 000,067,808 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mozy.sys -- (mozyFilter)
DRV:64bit: - [2013/04/30 10:57:00 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2013/04/30 10:56:42 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2013/03/10 17:49:12 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2013/03/04 05:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2013/02/26 01:28:48 | 000,067,664 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2013/02/26 01:28:14 | 000,030,800 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2013/02/26 01:27:48 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2013/02/26 01:27:48 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2013/02/26 01:27:44 | 000,033,360 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/24 13:17:14 | 000,070,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2012/10/24 13:17:10 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2012/10/11 15:15:32 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2012/10/11 15:15:06 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2012/08/23 07:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/20 10:48:46 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012/08/20 10:48:22 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2012/08/20 10:48:22 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2012/07/17 17:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/11 16:00:26 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2012/06/11 16:00:17 | 004,746,304 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/06/11 16:00:14 | 000,021,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
DRV:64bit: - [2012/03/19 22:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/26 12:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/26 12:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/26 12:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/11/29 18:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/03 10:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 10:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/11/02 22:00:48 | 000,134,696 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2011/09/22 20:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
DRV:64bit: - [2011/09/20 01:36:24 | 000,620,584 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2011/07/06 03:35:40 | 000,167,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/06/22 20:59:28 | 000,178,728 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/06/22 20:59:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/05/20 07:49:36 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011/05/18 02:11:52 | 000,103,496 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ngvpn.sys -- (NgVpn)
DRV:64bit: - [2011/05/18 02:11:52 | 000,031,304 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nglog.sys -- (NgLog)
DRV:64bit: - [2011/05/18 02:11:52 | 000,028,744 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ngwfp.sys -- (NgWfp)
DRV:64bit: - [2011/05/18 02:11:52 | 000,026,184 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ngfilter.sys -- (NgFilter)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/02 12:33:12 | 000,063,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BackupReader.sys -- (BackupReader)
DRV:64bit: - [2011/02/13 09:17:44 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/02/07 20:03:04 | 000,328,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010/11/20 20:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 20:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 20:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/05/20 14:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/01/29 05:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2013/07/31 04:23:57 | 000,139,352 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2013/04/30 10:57:00 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2012/07/13 15:13:14 | 000,070,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys -- (VSPerfDrv110)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {5D6BEE87-CBA5-42A9-93E2-B51F7329894F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comca...insDate09292013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8F 63 F8 9D 30 48 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {52D443FB-8100-4851-B76B-DD7549346A41}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcas...q={searchTerms}
IE - HKCU\..\SearchScopes\{52D443FB-8100-4851-B76B-DD7549346A41}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{5D6BEE87-CBA5-42A9-93E2-B51F7329894F}: "URL" = http://search.condui...7313951236&UM=2
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "XFINITY"
FF - prefs.js..browser.search.defaultthis.engineName: "Connect DLC 5 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "XFINITY"
FF - prefs.js..browser.startup.homepage: "http://xfinity.comca...nsDate09292013"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.URL: ""


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Desk\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Desk\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/06 15:48:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/06 15:48:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/06/11 15:50:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Desk\AppData\Roaming\Mozilla\Extensions
[2013/12/09 12:31:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Desk\AppData\Roaming\Mozilla\Firefox\Profiles\au9x37e5.default\extensions
[2013/11/19 21:07:49 | 000,001,003 | ---- | M] () -- C:\Users\Desk\AppData\Roaming\Mozilla\Firefox\Profiles\au9x37e5.default\searchplugins\conduit.xml
[2013/12/06 15:48:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/12/06 15:48:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/06 15:48:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/06 15:48:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/06 15:48:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://portal.adp.com/wps/myportal/sitemap/Employee/Home/NasWelcome/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3gzCzMTD_dgA3cLJz8jA09jw1A3U5dgQ-dQY30_j_zcVP2CbEdFANRq1qo!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Desk\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Desk\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Desk\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Desk\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Desk\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Rhapsody = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bchmkapadehcjeefcedoagboglpakpkk\1_0\
CHR - Extension: James White = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: Google Calendar = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Skydrive = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\elngnfedhccljkjajklaoccidmnhbdoa\1.0_0\
CHR - Extension: LastPass = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.16_0\
CHR - Extension: Xfinity = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hemjgdpngmhbimofcicjfhibkdbigdmb\1_0\
CHR - Extension: Skype Click to Call = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Google Wallet = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: LogMeIn = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon\1.0.0.1037_0\
CHR - Extension: Weather Underground = C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0\

O1 HOSTS File: ([2013/12/10 15:25:52 | 000,567,933 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 15456 more lines...
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (ScorpionSaver) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Broadcom Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launchpad] C:\Program Files\Windows Server\Bin\Launchpad.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
O4 - HKCU..\Run: [ALconnect] C:\Users\Desk\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe (Koninklijke Philips Electronics N.V.)
O4 - HKCU..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Desk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = File not found
O4 - Startup: C:\Users\Desk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe ()
O4 - Startup: C:\Users\Desk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Setup - Shortcut.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2012\spy.htm ()
O9:64bit: - Extra 'Tools' menuitem : Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2012\spy.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2012\spy.htm ()
O9 - Extra 'Tools' menuitem : Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2012\spy.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Windows\SysNative\AdpeakProxy64.dll (Adpeak, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysWow64\AdpeakProxy.dll (Adpeak, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: //@[email protected]/ ([]money in Local intranet)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.2.cab (DLM Control)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds...ransferCtrl.cab (DLC Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.su...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://webmail.alte.../WhlCompMgr.cab (Forefront UAG client components)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...rl.cab?lmi=1007 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.123 208.67.220.123 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE528BB2-4898-4853-B97E-F440B5FFDB95}: DhcpNameServer = 208.67.222.123 208.67.220.123 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7823c6bb-bdba-11e1-ac55-94dbc9e34b66}\Shell - "" = AutoRun
O33 - MountPoints2\{7823c6bb-bdba-11e1-ac55-94dbc9e34b66}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\{a4d0ee52-b41e-11e1-bfe6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a4d0ee52-b41e-11e1-bfe6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/06 15:48:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/12/06 10:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\ScorpionSaver Services
[2013/12/03 21:33:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
[2013/11/25 23:40:18 | 000,107,368 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/11/25 23:40:18 | 000,092,488 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/11/25 23:40:18 | 000,072,216 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys
[2013/11/25 23:40:18 | 000,035,656 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2013/11/25 23:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn
[2013/11/24 07:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2013/11/21 21:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/11/21 21:01:44 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013/11/21 21:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/11/21 21:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/11/21 21:01:02 | 000,000,000 | ---D | C] -- C:\Users\Desk\AppData\Local\Programs
[2013/11/21 20:48:03 | 000,000,000 | ---D | C] -- C:\Users\Desk\Desktop\Molly Pics
[2013/11/20 21:21:35 | 000,439,296 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysNative\AdpeakProxy64.dll
[2013/11/20 21:21:33 | 000,338,944 | ---- | C] (Adpeak, Inc.) -- C:\Windows\SysWow64\AdpeakProxy.dll
[2013/11/19 21:19:07 | 000,000,000 | ---D | C] -- C:\temp
[2013/11/19 21:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
[2013/11/19 21:18:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\lucky leap
[2013/11/19 21:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013/11/19 21:08:39 | 000,000,000 | ---D | C] -- C:\Users\Desk\AppData\Local\WhiteListing
[2013/11/19 21:08:24 | 000,000,000 | ---D | C] -- C:\Users\Desk\AppData\Local\NativeMessaging
[2013/11/19 21:08:23 | 000,000,000 | ---D | C] -- C:\Users\Desk\AppData\Local\Conduit
[2013/11/19 21:08:22 | 000,000,000 | ---D | C] -- C:\Users\Desk\AppData\Local\CRE
[2013/11/19 21:08:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit

========== Files - Modified Within 30 Days ==========

[2013/12/10 15:26:32 | 000,567,933 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/12/10 15:26:22 | 000,567,880 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2013/12/10 14:52:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/10 14:39:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000UA.job
[2013/12/09 18:39:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000Core.job
[2013/12/08 14:07:25 | 000,870,128 | ---- | M] () -- C:\Users\Desk\AppData\Roaming\mcs.rma
[2013/12/08 14:07:25 | 000,000,004 | ---- | M] () -- C:\Users\Desk\AppData\Roaming\B8A679
[2013/12/07 19:42:52 | 000,000,948 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk
[2013/12/07 18:07:57 | 000,005,156 | ---- | M] () -- C:\Windows\mozy.blk
[2013/12/07 18:07:57 | 000,003,498 | ---- | M] () -- C:\Windows\mozy.flt
[2013/12/05 10:41:19 | 000,002,360 | ---- | M] () -- C:\Users\Desk\Desktop\Google Chrome.lnk
[2013/12/04 04:15:59 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/04 04:15:59 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/03 18:32:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/03 03:24:16 | 000,880,274 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/03 03:24:16 | 000,732,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/03 03:24:16 | 000,149,504 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/03 03:00:32 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/03 03:00:31 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/25 23:40:18 | 000,001,024 | ---- | M] () -- C:\.rnd
[2013/11/21 21:01:48 | 000,001,418 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/11/21 20:39:24 | 000,002,244 | -H-- | M] () -- C:\Users\Desk\Documents\Default.rdp
[2013/11/19 21:08:48 | 000,000,009 | ---- | M] () -- C:\END
[2013/11/19 03:00:28 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

========== Files Created - No Company Name ==========

[2013/12/03 03:00:32 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/12/03 03:00:31 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/25 23:40:18 | 000,001,024 | ---- | C] () -- C:\.rnd
[2013/11/25 23:40:16 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn.lnk
[2013/11/21 21:01:48 | 000,001,430 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/11/21 21:01:48 | 000,001,418 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/11/19 21:07:31 | 000,000,009 | ---- | C] () -- C:\END
[2013/11/06 15:42:12 | 000,005,360 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxy.ini
[2013/11/06 15:32:48 | 000,002,312 | ---- | C] () -- C:\Windows\SysWow64\AdpeakProxyOff.ini
[2013/07/03 19:57:00 | 000,000,400 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/01/23 17:49:52 | 000,000,031 | ---- | C] () -- C:\Users\Desk\AppData\Roaming\Days5.ini
[2013/01/23 06:12:06 | 000,009,584 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2012/12/14 01:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 01:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/10/20 12:00:43 | 000,016,384 | ---- | C] () -- C:\Users\Desk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/16 06:34:12 | 000,870,128 | ---- | C] () -- C:\Users\Desk\AppData\Roaming\mcs.rma
[2012/06/16 06:34:12 | 000,000,004 | ---- | C] () -- C:\Users\Desk\AppData\Roaming\B8A679
[2012/06/14 19:30:48 | 000,000,048 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/06/11 16:07:26 | 000,874,892 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/06/11 15:19:17 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/06/11 15:19:12 | 000,040,044 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/03/19 22:37:12 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012/03/19 22:37:12 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/03/19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/19 21:23:38 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/04 18:17:20 | 000,000,000 | ---D | M] -- C:\Users\Desk\AppData\Roaming\Acronis
[2012/12/18 07:47:40 | 000,000,000 | ---D | M] -- C:\Users\Desk\AppData\Roaming\Aventail
[2013/03/19 20:17:26 | 000,000,000 | ---D | M] -- C:\Users\Desk\AppData\Roaming\DirectLife
[2013/01/27 20:06:27 | 000,000,000 | ---D | M] -- C:\Users\Desk\AppData\Roaming\DraftAnalyzer
[2013/10/13 19:22:28 | 000,000,000 | ---D | M] -- C:\Users\Desk\AppData\Roaming\HandBrake
[2012/06/16 23:12:52 | 000,000,000 | ---D | M] -- C:\Users\Desk\AppData\Roaming\JetBrains
[2012/06/24 20:47:05 | 000,000,000 | ---D | M] -- C:\Users\Desk\AppData\Roaming\Samsung
[2013/02/04 10:12:02 | 000,000,000 | ---D | M] -- C:\Users\Desk\AppData\Roaming\webex
[2012/07/10 20:34:15 | 000,000,000 | ---D | M] -- C:\Users\Desk\AppData\Roaming\Wondershare Video Converter Ultimate

========== Purity Check ==========



< End of report >
#2
JSntgRvr

  • Global Moderator
  • 10,962 posts
:welcome:

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download AdwCleaner to your desktop.

NOTE: If you are using Internet Explorer and get an alert that stops the program from downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report in your next reply.

The report will be saved in the C:\AdwCleaner folder as AdwCleaner[S0].txt.

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

#3
1brokenpc

  • Topic Starter
  • Member
  • 5 posts
Thank you for your help.

1. JRT Log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Desk on Tue 12/10/2013 at 19:40:34.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3306061
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5D6BEE87-CBA5-42A9-93E2-B51F7329894F}



~~~ Files

Successfully deleted: [File] "C:\Users\Desk\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Desk\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage-journal"
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\Users\Desk\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Desk\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Desk\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\lucky leap"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\Users\Desk\AppData\Roaming\mozilla\firefox\profiles\au9x37e5.default\user.js
Successfully deleted: [File] C:\Users\Desk\AppData\Roaming\mozilla\firefox\profiles\au9x37e5.default\searchplugins\conduit.xml
Successfully deleted the following from C:\Users\Desk\AppData\Roaming\mozilla\firefox\profiles\au9x37e5.default\prefs.js

user_pref("Smartbar.ConduitHomepagesList", "");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3306061");
user_pref("browser.search.defaultthis.engineName", "Connect DLC 5 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&CUI=UN39293500242225524&UM=2&SearchSource=3&q={searchTerms}");
user_pref("plugin.state.npconduitfirefoxplugin", 2);
user_pref("smartbar.machineId", "YPRSWMLNV8MNUX1UFD15QIH3RC2KJZ0CMIH+YPU74J96NXUOUB36JAPN7CLQWYXPLLM+P3LD+WTPIX6NBLXAVQ");
Emptied folder: C:\Users\Desk\AppData\Roaming\mozilla\firefox\profiles\au9x37e5.default\minidumps [16 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 12/10/2013 at 19:45:12.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



2. ADWCleaner

# AdwCleaner v3.015 - Report created 10/12/2013 at 19:51:19
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Desk - DESK-PC
# Running from : C:\Users\Desk\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\Desk\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Desk\AppData\Local\PackageAware
Folder Deleted : C:\Users\Desk\AppData\Local\WhiteListing
Folder Deleted : C:\Users\Desk\AppData\Local\Temp\NativeMessaging
Folder Deleted : C:\Users\Desk\AppData\Local\Temp\TempDir
Folder Deleted : C:\Users\Desk\AppData\Roaming\NCH Software
File Deleted : C:\Windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\AppDataLow\Software\Scorpion Saver
Key Deleted : [x64] HKLM\SOFTWARE\Description
Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Desk\AppData\Roaming\Mozilla\Firefox\Profiles\au9x37e5.default\prefs.js ]

Line Deleted : user_pref("CT3306061_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1385092670203,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");

-\\ Google Chrome v

[ File : C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [2820 octets] - [10/12/2013 19:49:48]
AdwCleaner[R1].txt - [2880 octets] - [10/12/2013 19:50:55]
AdwCleaner[S0].txt - [2695 octets] - [10/12/2013 19:51:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2755 octets] ##########



3. MBAM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.10.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Desk :: DESK-PC [administrator]

Protection: Enabled

12/10/2013 8:03:18 PM
mbam-log-2013-12-10 (20-03-18).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 690571
Time elapsed: 55 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
D:\Old_Drive\Users\Desk\Program Files\Zuma Deluxe.zip (Trojan.FakeAlert.RRE) -> Quarantined and deleted successfully.
D:\Old_Drive\Users\Desk\Program Files\Zuma Deluxe\PopUninstall.exe (Trojan.FakeAlert.RRE) -> Quarantined and deleted successfully.

(end)


4. Farbar

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013 01
Ran by Desk (administrator) on DESK-PC on 10-12-2013 21:22:36
Running from C:\Users\Desk\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Aventail Corporation) C:\Windows\System32\ngvpnmgr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WhsMcClient.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Launchpad.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Koninklijke Philips Electronics N.V.) C:\Users\Desk\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozystat.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel® Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE [7138816 2012-06-11] (Broadcom Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1099360 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395384 2012-04-27] (Acronis)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-04-30] (LogMeIn, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Desk\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-24] (Google Inc.)
HKCU\...\Run: [ALconnect] - C:\Users\Desk\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe [713816 2012-12-20] (Koninklijke Philips Electronics N.V.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20587680 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [AnyDVD] - C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [7417944 2013-09-27] (SlySoft, Inc.)
MountPoints2: {7823c6bb-bdba-11e1-ac55-94dbc9e34b66} - G:\LaunchU3.exe
MountPoints2: {a4d0ee52-b41e-11e1-bfe6-806e6f6e6963} - E:\AutoRun\AutoRun.exe
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2637784 2012-04-27] (Acronis)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Desk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Desk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk
ShortcutTarget: Serviio.lnk -> C:\Program Files\Serviio\bin\ServiioConsole.exe ()
Startup: C:\Users\Desk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Setup - Shortcut.lnk
ShortcutTarget: Setup - Shortcut.lnk -> D:\Setup.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comca...insDate09292013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8F63F89D3048CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.2.cab
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds...ransferCtrl.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.su...indows-i586.cab
DPF: HKLM-x32 {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://webmail.alte.../WhlCompMgr.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...rl.cab?lmi=1007
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 208.67.222.123 208.67.220.123 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Desk\AppData\Roaming\Mozilla\Firefox\Profiles\au9x37e5.default
FF DefaultSearchEngine: XFINITY
FF SelectedSearchEngine: XFINITY
FF Homepage: hxxp://xfinity.comcast.net/?cid=insDate09292013
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @virtools.com/3DviaPlayer - C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Desk\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Desk\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\xfinity.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome:
=======
CHR HomePage: https://portal.adp.com/wps/myportal/sitemap/Employee/Home/NasWelcome/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3gzCzMTD_dgA3cLJz8jA09jw1A3U5dgQ-dQY30_j_zcVP2CbEdFANRq1qo!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Users\Desk\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Desk\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Desk\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Desk\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Desk\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Rhapsody) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bchmkapadehcjeefcedoagboglpakpkk\1_0
CHR Extension: (James White) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0
CHR Extension: (Google Calendar) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0
CHR Extension: (Skydrive) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\elngnfedhccljkjajklaoccidmnhbdoa\1.0_0
CHR Extension: (LastPass) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.0.16_0
CHR Extension: (Xfinity) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hemjgdpngmhbimofcicjfhibkdbigdmb\1_0
CHR Extension: (Skype Click to Call) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Google Wallet) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (LogMeIn) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon\1.0.0.1037_0
CHR Extension: (Weather Underground) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0
CHR HKLM-x32\...\Chrome\Extension: [hemjgdpngmhbimofcicjfhibkdbigdmb] - C:\ProgramData\comcastModemRelease\shortcuts\chrome\xfinity.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Desk\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx

==================== Services (Whitelisted) =================

S3 DMService; C:\Windows\Downloaded Program Files\DMService.exe [517360 2013-10-20] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2013-10-24] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2013-10-24] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-06-04] (Mozy, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 NgVpnMgr; C:\Windows\system32\ngvpnmgr.exe [510024 2011-05-18] (Aventail Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-09-15] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [41600 2012-07-06] (Microsoft Corporation)
S2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [354816 2013-03-22] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
S4 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 uagqecsvc; C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe [169200 2013-01-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE [48128 2012-06-11] (Broadcom Corporation)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWow64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2011-11-02] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-20] (Broadcom Corporation.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S2 MCSTRM; No ImagePath
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-05-02] (Mozy, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NgFilter; C:\Windows\System32\DRIVERS\ngfilter.sys [26184 2011-05-18] (Aventail Corporation)
R3 NgLog; C:\Windows\System32\DRIVERS\nglog.sys [31304 2011-05-18] (Aventail Corporation)
R3 NgVpn; C:\Windows\System32\DRIVERS\ngvpn.sys [103496 2011-05-18] (Aventail Corporation)
R3 NgWfp; C:\Windows\System32\DRIVERS\ngwfp.sys [28744 2011-05-18] (Aventail Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-08-20] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-08-20] (RapidSolution Software AG)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2013-07-04] (Acronis)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-10 21:22 - 2013-12-10 21:22 - 00027164 _____ C:\Users\Desk\Desktop\FRST.txt
2013-12-10 21:22 - 2013-12-10 21:22 - 00000000 ____D C:\FRST
2013-12-10 20:02 - 2013-12-10 20:02 - 01928212 _____ (Farbar) C:\Users\Desk\Desktop\FRST64.exe
2013-12-10 19:48 - 2013-12-10 19:48 - 01061389 _____ (Farbar) C:\Users\Desk\Downloads\FRST.exe
2013-12-10 19:45 - 2013-12-10 19:45 - 00020321 _____ C:\Users\Desk\Desktop\JRT.txt
2013-12-10 19:43 - 2013-12-10 19:41 - 01226802 _____ C:\Users\Desk\Desktop\AdwCleaner.exe
2013-12-10 19:42 - 2013-12-10 19:51 - 00000000 ____D C:\AdwCleaner
2013-12-10 19:41 - 2013-12-10 19:41 - 01226802 _____ C:\Users\Desk\Downloads\AdwCleaner.exe
2013-12-10 19:41 - 2013-12-10 19:41 - 01226802 _____ C:\Users\Desk\Downloads\AdwCleaner (1).exe
2013-12-10 19:40 - 2013-12-10 19:40 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 19:38 - 2013-12-10 19:37 - 01034531 _____ (Thisisu) C:\Users\Desk\Desktop\JRT.exe
2013-12-10 19:37 - 2013-12-10 19:37 - 01034531 _____ (Thisisu) C:\Users\Desk\Downloads\JRT.exe
2013-12-10 16:51 - 2013-12-10 16:51 - 00000000 ____D C:\Users\Desk\Downloads\hosts (2)
2013-12-10 16:50 - 2013-12-10 16:51 - 00138328 _____ C:\Users\Desk\Downloads\hosts (2).zip
2013-12-10 16:03 - 2013-12-10 16:03 - 00001148 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-10 16:03 - 2013-12-10 16:03 - 00000000 ____D C:\Users\Desk\AppData\Roaming\Malwarebytes
2013-12-10 16:03 - 2013-12-10 16:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-10 16:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-06 15:48 - 2013-12-06 15:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-03 03:01 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-03 03:00 - 2013-12-03 03:01 - 00007582 _____ C:\Windows\IE11_main.log
2013-12-03 03:00 - 2013-12-03 03:00 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-03 03:00 - 2013-12-03 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-03 03:00 - 2013-12-03 03:00 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-03 03:00 - 2013-12-03 03:00 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-03 03:00 - 2013-12-03 03:00 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 03:00 - 2013-12-03 03:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 03:00 - 2013-12-03 03:00 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 03:00 - 2013-12-03 03:00 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 03:00 - 2013-12-03 03:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 03:00 - 2013-12-03 03:00 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 03:00 - 2013-12-03 03:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-25 23:40 - 2013-11-25 23:40 - 00001024 _____ C:\.rnd
2013-11-25 23:40 - 2013-11-25 23:40 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2013-11-25 23:40 - 2013-10-24 12:41 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2013-11-25 23:40 - 2013-10-24 12:40 - 00092488 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2013-11-25 23:40 - 2013-10-24 12:40 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2013-11-25 23:40 - 2013-04-30 10:57 - 00072216 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys
2013-11-23 18:43 - 2013-11-23 18:43 - 00000906 ____R C:\Users\Desk\Documents\BitLocker Recovery Key DDFEB665-8274-49F0-95D9-B90B8513D402.txt
2013-11-23 17:35 - 2013-11-23 18:00 - 1993439512 _____ C:\Users\Desk\Downloads\15_restore_2013_11_19_15_04_4973110.exe
2013-11-23 17:35 - 2013-11-23 17:51 - 1124219457 _____ C:\Users\Desk\Downloads\16_restore_2013_11_19_15_04_4973112.exe
2013-11-23 17:32 - 2013-11-23 17:56 - 1925612685 _____ C:\Users\Desk\Downloads\14_restore_2013_11_19_15_04_4973108.exe
2013-11-23 17:31 - 2013-11-23 17:57 - 1994339957 _____ C:\Users\Desk\Downloads\11_restore_2013_11_19_15_04_4973100.exe
2013-11-23 17:31 - 2013-11-23 17:56 - 1920369407 _____ C:\Users\Desk\Downloads\12_restore_2013_11_19_15_04_4973102.exe
2013-11-23 17:31 - 2013-11-23 17:56 - 1909456039 _____ C:\Users\Desk\Downloads\13_restore_2013_11_19_15_04_4973105.exe
2013-11-23 13:33 - 2013-12-10 15:33 - 00136068 _____ C:\Users\Desk\Downloads\OTL.Txt
2013-11-23 13:33 - 2013-11-23 20:06 - 00108984 _____ C:\Users\Desk\Downloads\Extras.Txt
2013-11-23 13:29 - 2013-11-23 13:29 - 00602112 _____ (OldTimer Tools) C:\Users\Desk\Downloads\OTL.exe
2013-11-23 11:46 - 2013-11-23 12:22 - 1921922258 _____ C:\Users\Desk\Downloads\10_restore_2013_11_19_15_04_4973098.exe
2013-11-21 21:02 - 2013-11-21 21:02 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-11-21 21:01 - 2013-11-21 21:04 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-11-21 21:01 - 2013-11-21 21:01 - 00001418 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-11-21 21:01 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-11-21 20:48 - 2013-11-21 20:48 - 00000000 ____D C:\Users\Desk\Desktop\Molly Pics
2013-11-20 21:21 - 2013-10-16 10:18 - 00439296 _____ (Adpeak, Inc.) C:\Windows\system32\AdpeakProxy64.dll
2013-11-20 06:08 - 2013-11-20 21:06 - 1920533691 _____ C:\Users\Desk\Downloads\7_restore_2013_11_19_15_04_4973090.exe
2013-11-20 06:08 - 2013-11-20 21:04 - 1921005264 _____ C:\Users\Desk\Downloads\5_restore_2013_11_19_15_04_4973085.exe
2013-11-20 06:08 - 2013-11-20 21:03 - 1920131359 _____ C:\Users\Desk\Downloads\8_restore_2013_11_19_15_04_4973092.exe
2013-11-20 06:08 - 2013-11-20 20:35 - 1922782062 _____ C:\Users\Desk\Downloads\9_restore_2013_11_19_15_04_4973095.exe
2013-11-20 06:07 - 2013-11-20 21:05 - 1896415826 _____ C:\Users\Desk\Downloads\6_restore_2013_11_19_15_04_4973088.exe
2013-11-19 22:31 - 2013-11-20 06:05 - 1925876455 _____ C:\Users\Desk\Downloads\4_restore_2013_11_19_15_04_4973082.exe
2013-11-19 22:23 - 2013-11-20 06:03 - 1924240615 _____ C:\Users\Desk\Downloads\3_restore_2013_11_19_15_04_4973080.exe
2013-11-19 22:23 - 2013-11-20 06:02 - 1924062877 _____ C:\Users\Desk\Downloads\2_restore_2013_11_19_15_04_4973077.exe
2013-11-19 21:56 - 2013-11-19 22:20 - 1923358645 _____ C:\Users\Desk\Downloads\1_restore_2013_11_19_15_04_4973073.exe
2013-11-19 21:08 - 2013-11-19 21:08 - 00923784 _____ (CNET Download.com) C:\Users\Desk\Downloads\cbsidlm-cbsi145-Pandora_Recovery-BP-10694796 (2).exe
2013-11-19 21:08 - 2013-11-19 21:08 - 00923784 _____ (CNET Download.com) C:\Users\Desk\Downloads\cbsidlm-cbsi145-Pandora_Recovery-BP-10694796 (1).exe
2013-11-19 21:07 - 2013-11-19 21:07 - 00923784 _____ (CNET Download.com) C:\Users\Desk\Downloads\cbsidlm-cbsi145-Pandora_Recovery-BP-10694796.exe
2013-11-13 20:42 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 20:42 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 20:42 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 20:42 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 20:42 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 20:42 - 2013-10-05 13:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 20:42 - 2013-10-05 12:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 20:42 - 2013-10-03 19:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 20:42 - 2013-10-03 19:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 20:42 - 2013-10-03 19:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 20:42 - 2013-10-03 18:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 20:42 - 2013-10-03 18:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 20:42 - 2013-10-03 18:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 20:42 - 2013-10-02 19:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 20:42 - 2013-10-02 19:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 20:42 - 2013-09-27 18:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 20:42 - 2013-09-24 19:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 20:42 - 2013-09-24 19:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 20:42 - 2013-09-24 19:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 20:42 - 2013-09-24 19:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 20:42 - 2013-09-24 19:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 20:42 - 2013-09-24 19:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 20:42 - 2013-09-24 19:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 20:42 - 2013-09-24 19:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 20:42 - 2013-09-24 18:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 20:42 - 2013-09-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 20:42 - 2013-09-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 20:42 - 2013-09-24 18:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 20:42 - 2013-09-24 18:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 20:42 - 2013-07-04 05:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2013-12-10 21:22 - 2013-12-10 21:22 - 00027164 _____ C:\Users\Desk\Desktop\FRST.txt
2013-12-10 21:22 - 2013-12-10 21:22 - 00000000 ____D C:\FRST
2013-12-10 21:22 - 2012-06-11 15:17 - 02025941 _____ C:\Windows\WindowsUpdate.log
2013-12-10 21:22 - 2009-07-13 19:34 - 00530828 _____ C:\Windows\system32\Drivers\etc\hosts.bak
2013-12-10 21:21 - 2012-06-11 22:23 - 00000000 ____D C:\Users\Desk\AppData\Roaming\Skype
2013-12-10 21:20 - 2010-11-20 20:47 - 00490076 _____ C:\Windows\PFRO.log
2013-12-10 21:20 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-10 21:20 - 2009-07-13 21:51 - 00055867 _____ C:\Windows\setupact.log
2013-12-10 20:52 - 2012-06-11 17:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 20:39 - 2012-08-24 16:56 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000UA.job
2013-12-10 20:02 - 2013-12-10 20:02 - 01928212 _____ (Farbar) C:\Users\Desk\Desktop\FRST64.exe
2013-12-10 19:59 - 2009-07-13 21:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-10 19:59 - 2009-07-13 21:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-10 19:58 - 2009-07-13 22:13 - 00880274 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-10 19:51 - 2013-12-10 19:42 - 00000000 ____D C:\AdwCleaner
2013-12-10 19:48 - 2013-12-10 19:48 - 01061389 _____ (Farbar) C:\Users\Desk\Downloads\FRST.exe
2013-12-10 19:45 - 2013-12-10 19:45 - 00020321 _____ C:\Users\Desk\Desktop\JRT.txt
2013-12-10 19:41 - 2013-12-10 19:43 - 01226802 _____ C:\Users\Desk\Desktop\AdwCleaner.exe
2013-12-10 19:41 - 2013-12-10 19:41 - 01226802 _____ C:\Users\Desk\Downloads\AdwCleaner.exe
2013-12-10 19:41 - 2013-12-10 19:41 - 01226802 _____ C:\Users\Desk\Downloads\AdwCleaner (1).exe
2013-12-10 19:40 - 2013-12-10 19:40 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 19:37 - 2013-12-10 19:38 - 01034531 _____ (Thisisu) C:\Users\Desk\Desktop\JRT.exe
2013-12-10 19:37 - 2013-12-10 19:37 - 01034531 _____ (Thisisu) C:\Users\Desk\Downloads\JRT.exe
2013-12-10 18:39 - 2012-08-24 16:56 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000Core.job
2013-12-10 17:27 - 2012-06-04 15:17 - 00005156 _____ C:\Windows\mozy.blk
2013-12-10 17:27 - 2012-06-04 15:17 - 00003498 _____ C:\Windows\mozy.flt
2013-12-10 16:51 - 2013-12-10 16:51 - 00000000 ____D C:\Users\Desk\Downloads\hosts (2)
2013-12-10 16:51 - 2013-12-10 16:50 - 00138328 _____ C:\Users\Desk\Downloads\hosts (2).zip
2013-12-10 16:51 - 2009-07-13 19:34 - 00530881 _____ C:\Windows\system32\Drivers\etc\HOSTS.MVP
2013-12-10 16:21 - 2012-12-12 18:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-10 16:20 - 2012-06-11 15:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-10 16:03 - 2013-12-10 16:03 - 00001148 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-10 16:03 - 2013-12-10 16:03 - 00000000 ____D C:\Users\Desk\AppData\Roaming\Malwarebytes
2013-12-10 16:03 - 2013-12-10 16:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-10 15:33 - 2013-11-23 13:33 - 00136068 _____ C:\Users\Desk\Downloads\OTL.Txt
2013-12-10 14:33 - 2012-07-29 21:26 - 00000000 ____D C:\Users\Desk\AppData\Local\0B27C6D1-3594-4BCE-8CCE-870DC1176C8E.aplzod
2013-12-08 14:07 - 2012-06-16 06:34 - 00870128 _____ C:\Users\Desk\AppData\Roaming\mcs.rma
2013-12-08 14:07 - 2012-06-16 06:34 - 00000004 _____ C:\Users\Desk\AppData\Roaming\B8A679
2013-12-07 19:42 - 2012-06-20 20:24 - 00000000 ____D C:\Program Files\MozyHome
2013-12-06 15:48 - 2013-12-06 15:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-05 10:41 - 2012-08-24 16:57 - 00002360 _____ C:\Users\Desk\Desktop\Google Chrome.lnk
2013-12-03 18:34 - 2012-08-24 16:56 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000UA
2013-12-03 18:34 - 2012-08-24 16:56 - 00003476 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000Core
2013-12-03 18:32 - 2012-06-11 15:18 - 00001452 _____ C:\Users\Desk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-03 03:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-12-03 03:17 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-03 03:01 - 2013-12-03 03:00 - 00007582 _____ C:\Windows\IE11_main.log
2013-12-03 03:00 - 2013-12-03 03:00 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-03 03:00 - 2013-12-03 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-03 03:00 - 2013-12-03 03:00 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-03 03:00 - 2013-12-03 03:00 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-03 03:00 - 2013-12-03 03:00 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 03:00 - 2013-12-03 03:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 03:00 - 2013-12-03 03:00 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 03:00 - 2013-12-03 03:00 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 03:00 - 2013-12-03 03:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 03:00 - 2013-12-03 03:00 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 03:00 - 2013-12-03 03:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 03:00 - 2013-12-03 03:00 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 03:00 - 2013-12-03 03:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-25 23:40 - 2013-11-25 23:40 - 00001024 _____ C:\.rnd
2013-11-25 23:40 - 2013-11-25 23:40 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2013-11-25 23:39 - 2012-06-11 17:57 - 00000000 ____D C:\Users\Desk\AppData\Local\Deployment
2013-11-24 07:44 - 2012-06-11 16:01 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-11-23 20:06 - 2013-11-23 13:33 - 00108984 _____ C:\Users\Desk\Downloads\Extras.Txt
2013-11-23 18:43 - 2013-11-23 18:43 - 00000906 ____R C:\Users\Desk\Documents\BitLocker Recovery Key DDFEB665-8274-49F0-95D9-B90B8513D402.txt
2013-11-23 18:00 - 2013-11-23 17:35 - 1993439512 _____ C:\Users\Desk\Downloads\15_restore_2013_11_19_15_04_4973110.exe
2013-11-23 17:57 - 2013-11-23 17:31 - 1994339957 _____ C:\Users\Desk\Downloads\11_restore_2013_11_19_15_04_4973100.exe
2013-11-23 17:56 - 2013-11-23 17:32 - 1925612685 _____ C:\Users\Desk\Downloads\14_restore_2013_11_19_15_04_4973108.exe
2013-11-23 17:56 - 2013-11-23 17:31 - 1920369407 _____ C:\Users\Desk\Downloads\12_restore_2013_11_19_15_04_4973102.exe
2013-11-23 17:56 - 2013-11-23 17:31 - 1909456039 _____ C:\Users\Desk\Downloads\13_restore_2013_11_19_15_04_4973105.exe
2013-11-23 17:51 - 2013-11-23 17:35 - 1124219457 _____ C:\Users\Desk\Downloads\16_restore_2013_11_19_15_04_4973112.exe
2013-11-23 13:29 - 2013-11-23 13:29 - 00602112 _____ (OldTimer Tools) C:\Users\Desk\Downloads\OTL.exe
2013-11-23 12:22 - 2013-11-23 11:46 - 1921922258 _____ C:\Users\Desk\Downloads\10_restore_2013_11_19_15_04_4973098.exe
2013-11-21 21:04 - 2013-11-21 21:01 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-11-21 21:02 - 2013-11-21 21:02 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-11-21 21:01 - 2013-11-21 21:01 - 00001418 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-11-21 20:48 - 2013-11-21 20:48 - 00000000 ____D C:\Users\Desk\Desktop\Molly Pics
2013-11-21 20:39 - 2012-06-12 20:37 - 00002244 ____H C:\Users\Desk\Documents\Default.rdp
2013-11-20 21:06 - 2013-11-20 06:08 - 1920533691 _____ C:\Users\Desk\Downloads\7_restore_2013_11_19_15_04_4973090.exe
2013-11-20 21:05 - 2013-11-20 06:07 - 1896415826 _____ C:\Users\Desk\Downloads\6_restore_2013_11_19_15_04_4973088.exe
2013-11-20 21:04 - 2013-11-20 06:08 - 1921005264 _____ C:\Users\Desk\Downloads\5_restore_2013_11_19_15_04_4973085.exe
2013-11-20 21:03 - 2013-11-20 06:08 - 1920131359 _____ C:\Users\Desk\Downloads\8_restore_2013_11_19_15_04_4973092.exe
2013-11-20 20:35 - 2013-11-20 06:08 - 1922782062 _____ C:\Users\Desk\Downloads\9_restore_2013_11_19_15_04_4973095.exe
2013-11-20 06:05 - 2013-11-19 22:31 - 1925876455 _____ C:\Users\Desk\Downloads\4_restore_2013_11_19_15_04_4973082.exe
2013-11-20 06:03 - 2013-11-19 22:23 - 1924240615 _____ C:\Users\Desk\Downloads\3_restore_2013_11_19_15_04_4973080.exe
2013-11-20 06:02 - 2013-11-19 22:23 - 1924062877 _____ C:\Users\Desk\Downloads\2_restore_2013_11_19_15_04_4973077.exe
2013-11-19 22:20 - 2013-11-19 21:56 - 1923358645 _____ C:\Users\Desk\Downloads\1_restore_2013_11_19_15_04_4973073.exe
2013-11-19 21:08 - 2013-11-19 21:08 - 00923784 _____ (CNET Download.com) C:\Users\Desk\Downloads\cbsidlm-cbsi145-Pandora_Recovery-BP-10694796 (2).exe
2013-11-19 21:08 - 2013-11-19 21:08 - 00923784 _____ (CNET Download.com) C:\Users\Desk\Downloads\cbsidlm-cbsi145-Pandora_Recovery-BP-10694796 (1).exe
2013-11-19 21:07 - 2013-11-19 21:07 - 00923784 _____ (CNET Download.com) C:\Users\Desk\Downloads\cbsidlm-cbsi145-Pandora_Recovery-BP-10694796.exe
2013-11-19 03:21 - 2010-11-20 20:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-19 03:00 - 2012-06-11 16:07 - 00001945 _____ C:\Windows\epplauncher.mif
2013-11-19 03:00 - 2012-06-11 16:07 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-19 03:00 - 2012-06-11 16:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-14 03:01 - 2013-07-26 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 03:00 - 2012-06-11 16:35 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 09:00 - 2012-06-11 15:27 - 00000000 ____D C:\Program Files (x86)\Intel

Some content of TEMP:
====================
C:\Users\Desk\AppData\Local\Temp\Quarantine.exe
C:\Users\Desk\AppData\Local\Temp\SpOrder.dll
C:\Users\Desk\AppData\Local\Temp\_is977E.exe
C:\Users\Desk\AppData\Local\Temp\_isA3BD.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 00:34

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2013 01
Ran by Desk at 2013-12-10 21:22:58
Running from C:\Users\Desk\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Tools for .Net 3.5 (x32 Version: 3.11.50727)
3DVIA player 5.0.0.20 (x32 Version: 5.0.20)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acronis True Image WD Edition (x32 Version: 13.0.14184)
ActiveLink Connect (HKCU Version: 5.6.0.16645)
ActiveLink Connect (x32 Version: 5.6.0.16645)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
Altova XMLSpy® 2012 rel. 2 (x64) Enterprise Edition (Version: 2012.02.00)
AnyDVD (x32 Version: 7.3.5.0)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0)
Audials (x32 Version: 9.1.31900.0)
Aventail Access Manager (HKCU Version: 10.53.52)
Aventail Access Manager (x32 Version: 10.53.52)
Aventail Connect (Version: 10.53.55)
Aventail OPSWAT End Point Control (x32 Version: 10.53.52)
Aventail Web Proxy Agent (x32 Version: 10.53.55)
Aventail Webifiers (x32 Version: 10.53.52)
BabySmash! (HKCU Version: 1.1.0.96)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0)
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0)
Bonjour (Version: 3.0.0.10)
Broadcom InConcert Maestro (Version: 1.0.5.3200)
Broadcom Wireless Utility (Version: 5.100.82.97)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Cisco WebEx Meetings (HKCU)
CloneDVD2 (x32 Version: 2.9.3.0)
CloneDVDmobile (x32 Version: 1.9.0.6)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240)
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink Media Suite (x32 Version: 8.0.2813)
CyberLink MediaShow (x32 Version: 5.1.2109n)
CyberLink Power2Go (x32 Version: 6.1.5025)
CyberLink PowerBackup (x32 Version: 2.5.6023)
CyberLink PowerDirector (x32 Version: 8.0.4305)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298)
Dotfuscator Software Services - Community Edition (x32 Version: 5.0.2500.0)
Entity Framework Designer for Visual Studio 2012 - enu (x32 Version: 11.1.20702.00)
GhostDoc Pro (x32 Version: 3.0.11216)
Google Chrome (HKCU Version: 31.0.1650.63)
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1)
iCloud (Version: 3.0.2.163)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Intel® Network Connections 16.1.53.0 (Version: 16.1.53.0)
Intel® Rapid Storage Technology (x32 Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
iTunes (Version: 11.1.1.11)
Java Auto Updater (x32 Version: 2.0.4.1)
Java™ 6 Update 25 (x32 Version: 6.0.250)
JetBrains dotTrace Performance 5.0 (x32 Version: 5.0.1045)
JetBrains ReSharper 6.1 (x32 Version: 6.1.1000)
LocalESPC (x32 Version: 8.59.25584)
LocalESPCui for en-us (x32 Version: 8.59.25584)
LogMeIn (x32 Version: 4.1.3430)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (x32 Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (x32 Version: 2.0.50217.0)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 (x32 Version: 3.0.20105.0)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages (x32 Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Corporation (x32 Version: 9.1.0.0)
Microsoft Forefront UAG endpoint components v4.0.0 (x32)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727)
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727)
Microsoft Money Plus (x32 Version: 17)
Microsoft Money Shared Libraries (x32 Version: 17.0.0.3817)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929)
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Silverlight 3 SDK (x32 Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (x32 Version: 4.0.60310.0)
Microsoft Silverlight 5 SDK (x32 Version: 5.0.61118.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.3.5500.0)
Microsoft SQL Server 2012 Command Line Utilities (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Data-Tier App Framework (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Data-Tier App Framework (x32 Version: 11.0.2316.0)
Microsoft SQL Server 2012 Express LocalDB (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (Version: 11.0.2100.60)
Microsoft SQL Server 2012 T-SQL Language Service (x32 Version: 11.0.2100.60)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (x32 Version: 11.1.20627.00)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (x32 Version: 11.1.20627.00)
Microsoft SQL Server Database Publishing Wizard 1.4 (x32 Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1750.9)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (Version: 2.0.1578.0)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (Version: 2.0.1578.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (x32 Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft System CLR Types for SQL Server 2012 (x32 Version: 11.0.2100.60)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.40219)
Microsoft Virtual PC 2007 (Version: 6.0.156.0)
Microsoft Visual C++ Compilers 2010 Standard - enu - x64 (Version: 10.0.40219)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual F# 2.0 Runtime (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727)
Microsoft Visual Studio 2010 Performance Collection Tools SP1 - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Ultimate - ENU (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 Ultimate - ENU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727)
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729)
Microsoft Visual Studio Premium 2012 - ENU (x32 Version: 11.0.50727)
Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 - ENU (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727.1)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631)
Microsoft Web Deploy dbSqlPackage Provider - enu (x32 Version: 10.3.20225.0)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0)
Microsoft Web Platform Installer 4.0 (Version: 4.0.1622)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MozyHome (Version: 2.24.1.358)
MSVCRT (x32 Version: 15.4.2862.0708)
MyDefrag v4.3.1 (Version: 4.0.0.0)
Picasa 3 (x32 Version: 3.9)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1)
Prerequisites for SSDT (x32 Version: 11.0.2100.60)
QuickTime (x32 Version: 7.74.80.86)
Rhapsody (x32)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0)
Serviio
Skype Click to Call (x32 Version: 6.13.13771)
Skype™ 6.11 (x32 Version: 6.11.102)
SmartSound Quicktracks Plugin (x32 Version: 3.0.3.0)
Spybot - Search & Destroy (x32 Version: 2.2.25)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0)
SyncToy 2.1 (x64) (Version: 2.1.0)
tools-windows (x32 Version: 9.2.3.1031769)
UltraCompare v7.20 (x32 Version: 7.0.97)
UltraEdit 16.30 (x32 Version: 16.30.5)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514) (x32 Version: 11.0.50727)
Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition
VirtualCloneDrive (x32)
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (x32 Version: 4.0.8080.0)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites (Version: 11.0.50727)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0)
VMware Player (Version: 5.0.2)
VMware Player (x32 Version: 5.0.2)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0)
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0)
WCF RIA Services V1.0 SP2 (x32 Version: 4.1.61829.0)
Web Deployment Tool (Version: 1.1.0618)
WIDCOMM Bluetooth Software (Version: 6.5.0.3200)
Windows App Certification Kit Native Components (Version: 8.59.25584)
Windows App Certification Kit x64 (x32 Version: 8.59.25584)
Windows Home Server 2011 Connector (Version: 6.1.8800.16400)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584)
Windows Software Development Kit (x32 Version: 8.59.25584)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584)

==================== Restore Points =========================

22-11-2013 03:54:58 Removed ScorpionSaver
22-11-2013 03:55:47 Removed ScorpionSaver Services
22-11-2013 10:10:43 Windows Update
23-11-2013 19:31:51 Removed ScorpionSaver
23-11-2013 19:32:06 Removed ScorpionSaver Services
26-11-2013 03:24:05 Windows Update
26-11-2013 06:40:01 Installed LogMeIn
30-11-2013 03:23:45 Windows Update
03-12-2013 10:00:10 Windows Update
06-12-2013 23:42:17 Windows Update
08-12-2013 02:42:35 Installed MozyHome
09-12-2013 19:29:58 Removed ScorpionSaver
09-12-2013 19:30:22 Removed ScorpionSaver Services
10-12-2013 22:59:45 Removed ScorpionSaver
10-12-2013 23:00:00 Removed ScorpionSaver Services
11-12-2013 03:02:59 Windows Update

==================== Hosts content: ==========================

2009-07-13 19:34 - 2013-12-10 21:22 - 00530881 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {1746B11B-9305-4D8B-A3EA-CAAC5A3873BF} - System32\Tasks\Microsoft\Windows\Windows Server\RenewClientCertificate => C:\Program Files\Windows Server\Bin\runtask.exe [2012-07-06] (Microsoft Corporation)
Task: {207FF5B9-3D92-430F-959E-A1F27ABCD495} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-05-13] (Microsoft)
Task: {263AF174-9B0F-4947-9241-7055DFD51F98} - System32\Tasks\Microsoft\Windows\Windows Server\Backup_On_Idle => C:\Program Files\Windows Server\Bin\runtask.exe [2012-07-06] (Microsoft Corporation)
Task: {2BD8648D-AA60-421F-BB13-E6EE6A2E585C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000Core => C:\Users\Desk\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-24] (Google Inc.)
Task: {4B212797-BBE3-4CCD-AEA2-442ED0514A44} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {74D0F877-FB8C-4533-8664-E9079EA3AEE1} - System32\Tasks\Microsoft\Windows\Windows Server\UploadCEIPData => C:\Program Files\Windows Server\Bin\runtask.exe [2012-07-06] (Microsoft Corporation)
Task: {815B1654-83D3-461D-AAC9-353142FBD358} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {9332F385-E6E6-486F-AD05-5528A9FC477E} - System32\Tasks\Microsoft\Windows\Windows Server\Health Definition Updates => C:\Program Files\Windows Server\Bin\runtask.exe [2012-07-06] (Microsoft Corporation)
Task: {99C58095-BE93-46C5-9617-73A25DB5B4E5} - System32\Tasks\Microsoft\Windows\Windows Server\Alert Evaluations => C:\Program Files\Windows Server\Bin\runtask.exe [2012-07-06] (Microsoft Corporation)
Task: {AD6790D2-BE69-430F-87B2-FE5158E14309} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000UA => C:\Users\Desk\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-24] (Google Inc.)
Task: {B6A9F5BD-26FA-426B-A48B-E74677EF424F} - System32\Tasks\Microsoft\Windows\Windows Server\Backup => C:\Program Files\Windows Server\Bin\runtask.exe [2012-07-06] (Microsoft Corporation)
Task: {BC34F4C6-34CD-4977-9FD8-0FD676FCACE6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {C30163E6-1923-4881-9531-35B8A10623E0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {C54F20B5-1647-4D49-BE86-537AD14F38C1} - System32\Tasks\ASUS\i-Setup161951 => C:\Windows\Chipset\AsusSetup.exe [2010-09-07] (ASUSTeK Computer Inc.)
Task: {CD9C6C9C-47D1-4894-A1D5-E6A74FEAEB4E} - System32\Tasks\Microsoft\Windows\Windows Server\InstallAddIns => C:\Program Files\Windows Server\Bin\runtask.exe [2012-07-06] (Microsoft Corporation)
Task: {CFFA268E-8578-4F47-BE95-68AFEF87509F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D4EFAC82-902B-481C-B523-3E414F52A38D} - System32\Tasks\Microsoft\Windows\Windows Server\SaveCEIPData => C:\Program Files\Windows Server\Bin\runtask.exe [2012-07-06] (Microsoft Corporation)
Task: {DEF3B917-0A00-4A2D-A1B7-F4CFA5E89D66} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {E842D465-73AB-4E95-8A01-1045FE682D79} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {E887D3F7-9068-4FB5-B849-8660090C3491} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {EEC92684-D36C-4D23-B57E-AA30982231A6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {F4DDA686-07AA-46C5-AB57-5FBC75E0B17C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000Core.job => C:\Users\Desk\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3502958198-3116322898-1808014217-1000UA.job => C:\Users\Desk\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-03-19 21:09 - 2012-03-19 21:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-10 14:48 - 2013-10-10 14:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-21 21:01 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-11-21 21:01 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-11-21 21:01 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-11-21 21:01 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-11-21 21:01 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-02-26 01:28 - 2013-02-26 01:28 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2009-11-02 13:20 - 2009-11-02 13:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 13:23 - 2009-11-02 13:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-08-14 02:35 - 2013-08-14 02:35 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\fb5c42d5dec0349cb8710146b189cd6b\IsdiInterop.ni.dll
2012-06-11 15:54 - 2011-11-29 19:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2013 09:20:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2013 07:52:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/10/2013 09:20:56 PM) (Source: Service Control Manager) (User: )
Description: The Serviio service terminated unexpectedly. It has done this 1 time(s).

Error: (12/10/2013 09:20:47 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (12/10/2013 09:20:08 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/10/2013 07:52:29 PM) (Source: Service Control Manager) (User: )
Description: The Serviio service terminated unexpectedly. It has done this 1 time(s).

Error: (12/10/2013 07:52:18 PM) (Source: Service Control Manager) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (12/10/2013 09:20:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2013 07:52:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2013-12-10 20:47:39.714
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 20:47:39.626
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 20:47:39.541
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 20:47:03.336
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6002.18005_none_36c61ef4ef40c41e\fveapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 20:47:03.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6002.18005_none_36c61ef4ef40c41e\fveapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 20:47:03.162
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6002.18005_none_36c61ef4ef40c41e\fveapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 20:44:00.271
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 20:44:00.178
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 20:44:00.086
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-10 20:42:21.142
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Old_Drive\Windows\winsxs\Backup\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db_bcrypt.dll_e2f091ac because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 7887.34 MB
Available physical RAM: 4750.33 MB
Total Pagefile: 18125.52 MB
Available Pagefile: 14420.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:59.78 GB) NTFS
Drive d: () (Fixed) (Total:596.17 GB) (Free:378.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (New Volume) (Fixed) (Total:29.82 GB) (Free:19.69 GB) NTFS
Drive g: () (Removable) (Total:3.73 GB) (Free:3.52 GB) FAT32
Drive h: (Disc) (CDROM) (Total:0.03 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 4849D8E2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 70E36222)
Partition 1: (Active) - (Size=596 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 30 GB) (Disk ID: CAC80EA0)
Partition 1: (Not Active) - (Size=30 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

#4
JSntgRvr

  • Global Moderator
  • 10,962 posts
Download the enclosed file (fixlist.txt).

Save it in the location FRST is.

Run FRST and click on the Fix button. Wait until finished.

The tool will make a log on the flash drive (Fixlog.txt). Please post it in your reply.

How is the computer doing?

#5
1brokenpc

    New Member

  • Topic Starter
  • Member
  • 5 posts
Here is the FixLog from FRST. I believe that the computer is running much better now. Thank you.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-12-2013
Ran by Desk at 2013-12-11 19:10:34 Run:1
Running from C:\Users\Desk\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
C:\Users\Desk\AppData\Local\Temp\Quarantine.exe
C:\Users\Desk\AppData\Local\Temp\SpOrder.dll
C:\Users\Desk\AppData\Local\Temp\_is977E.exe
C:\Users\Desk\AppData\Local\Temp\_isA3BD.exe
End
*****************

C:\Users\Desk\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Desk\AppData\Local\Temp\SpOrder.dll => Moved successfully.
C:\Users\Desk\AppData\Local\Temp\_is977E.exe => Moved successfully.
C:\Users\Desk\AppData\Local\Temp\_isA3BD.exe => Moved successfully.

==== End of Fixlog ====

#6
JSntgRvr

  • Global Moderator
  • 10,962 posts
Congratulations.

Since the tools we used to scan the computer, as well as tools to delete files and folders, are no longer needed, they should be removed, as well as the folders created by these tools.

Run OTL. Click on the Cleanup button and follow the prompts.


Run AdwCleaner and uninstall.

Manually remove any tool left.

Here are some suggestions.

  • Always keep your Java updated. Older versions will make your computer vulnerable.
  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

To find out more information about how you got infected in the first place, and some great guidelines to follow to prevent future infections, you can read this article by Miekiemoes.

Best wishes!

#7
JSntgRvr

  • Global Moderator
  • 10,962 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.