Tim

browser hijacker

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/05/12 16:26:53
System Uptime: 21/09/13 12:05:11 (1 hours ago)
.
Motherboard: Dell Inc.          |  | 085X6F
Processor: Intel® Core i5-2467M CPU @ 1.60GHz | CPU | 1601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 93 GiB total, 6.085 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&22D4A7C5&0&02
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter #2
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&22D4A7C5&0&02
Service: vwifimp
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&22D4A7C5&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&22D4A7C5&0&01
Service: vwifimp
.
==== System Restore Points ===================
.
RP167: 06/09/13 08:08:29 - Windows Update
RP168: 10/09/13 07:40:57 - Windows Update
RP169: 13/09/13 10:47:10 - Windows Update
RP170: 14/09/13 08:41:41 - Windows Update
RP171: 20/09/13 07:42:15 - Windows Update
.
==== Installed Programs ======================
.
2600
2600_Help
2600Trb
64 Bit HP CIO Components Installer
Accidental Damage Services Agreement
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 9
Adobe Premiere Elements 9
Adobe Reader X MUI
Advanced Audio FX Engine
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Banctec Service Agreement
BankID Security Application
Blio
Bonjour
BufferChm
Canon MP Navigator EX 4.0
Canon MP280 series MP Drivers
Canon My Printer
Canon Solution Menu EX
CCleaner
Cisco WebEx Meetings
Citrix XenApp Web Plugin
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
Copy
Cozi
CrashPlan
Cypress TrackPad
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Digital Delivery
Dell Edoc Viewer
Dell Home Systems Service Agreement
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell Stage Remote
Dell VideoStage
Dell Webcam Central
Destinations
DeviceDiscovery
DocProc
Elements 9 Organizer
Elements STI Installer
Expat Shield 2.25
Expat Shield Toolbar
Face Recognition
Fax
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 5.5.0.1133
Handelsbanken card reader
HiJackThis
HP Customer Participation Program 13.0
HP FWUpdateEDO2
HP Imaging Device Functions 13.0
HP Photosmart 7520 series Basic Device Software
HP Photosmart 7520 series Help
HP Photosmart 7520 series Product Improvement Study
HP Photosmart Essential 3.5
HP Smart Web Printing 4.51
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPSSupply
iCloud
Intel PROSet Wireless
Intel® Identity Protection Technology 1.2.22.0
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Start Technology
Intel® Smart Connect Technology 2.0 x64
Intel® WiDi
Intel® Wireless Display
iTunes
Jabra PC Suite 2.8.1972
Java 7 Update 25
Java Auto Updater
join.me
Junk Mail filter update
jZip
Malwarebytes Anti-Malware version 1.75.0.1300
Malwarebytes Secure Backup
MarketResearch
McAfee Security Scan Plus
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office Live Meeting 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicnotes Software Suite 1.7.2
My Dell
Network64
OCR Software by I.R.I.S. 13.0
PlayReady PC Runtime x86
Premium Service Agreement
QualxServ Service Agreement
Quickset64
QuickTime
Realtek High Definition Audio Driver
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2760597) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760769) 32-Bit Edition
Shop for HP Supplies
Skype Click to Call
Skype™ 6.6
SmartSound Quicktracks for Premiere Elements 9.0
SmartWebPrinting
SopCast 3.5.0
Sopcast Ask Toolbar Updater
Spybot - Search & Destroy
Status
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Vidyo Desktop 2.2.2 - (bloomie)
Visual Studio 2010 x64 Redistributables
Vodafone Mobile Connect Lite
WebCam Monitor 5.2
webcamXP 5
WebEx Productivity Tools
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zinio Reader 4
.
==== Event Viewer Messages From Past Week ========
.
21/09/13 12:05:20, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  cdrom
19/09/13 17:08:36, Error: Schannel [36874]  - An SSL 2.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
18/09/13 07:58:42, Error: Service Control Manager [7034]  - The Google Update Service (gupdate) service terminated unexpectedly.  It has done this 1 time(s).
15/09/13 21:18:01, Error: Microsoft-Windows-Smartcard-Server [610]  - Smart Card Reader 'Handelsbanken card reader 0' rejected IOCTL GET_STATE: The device has been removed.  If this error persists, your smart card or reader may not be functioning correctly. Command Header: XX XX XX XX
14/09/13 22:53:17, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
.
==== End Of File ===========================

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686  BrowserJavaVersion: 10.25.2
Run by bloomie at 13:46:00 on 2013-09-21
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3407.772 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTHidMonitor.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Cypress\TrackPad\CyCpIo.exe
C:\Program Files\Cypress\TrackPad\CyHidWin.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Personal\bin\Personal.exe
C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
C:\Program Files (x86)\Malwarebytes Secure Backup\SUpdateNotifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSkypeDriver.exe
C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaIPDriver.exe
C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeV85Driver.exe
C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaOneXDriver.exe
C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraCiscoWebExConnectDriver.exe
C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeDriver.exe
C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
mURLSearchHooks: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -
BHO: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Sopcast Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Face recognition web login for FastAccess: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Expat Shield Toolbar: {A060276A-53BE-45EC-8EBE-B94B1E803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -
TB: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Expat Shield Toolbar: {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [sOSUAUI] "C:\Program Files (x86)\Malwarebytes Secure Backup\sosuploadagent.exe" -showui
mRun: [sMessaging] C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\bloomie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\JABRAD~1.LNK - C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.





TCP: Interfaces\{185F65EC-1073-4B12-8711-653E43E10719} : DHCPNameServer = 13.35.0.101
TCP: Interfaces\{5385A8BF-1179-40F9-9FA5-DCEC08D50780} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{5385A8BF-1179-40F9-9FA5-DCEC08D50780}\3405840284F6473707F647 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{5385A8BF-1179-40F9-9FA5-DCEC08D50780}\5616374736F6163747D277966696 : DHCPNameServer = 10.101.0.1
TCP: Interfaces\{5385A8BF-1179-40F9-9FA5-DCEC08D50780}\75C414E4F513634383 : DHCPNameServer = 80.58.61.250 80.58.61.254
TCP: Interfaces\{5385A8BF-1179-40F9-9FA5-DCEC08D50780}\84F6D656 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5385A8BF-1179-40F9-9FA5-DCEC08D50780}\F54586560234C6F65746 : DHCPNameServer = 10.1.5.153 10.1.5.154
TCP: Interfaces\{B4299629-87C0-4E71-AC48-4A4799414DF2} : DHCPNameServer = 88.82.13.12 88.82.13.12
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
LSA: Notification Packages =  scecli FAPassSync
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Face recognition web login for FastAccess: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll
x64-TB: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [CyCpIo] C:\Program Files\Cypress\TrackPad\CyCpIo.exe
x64-Run: [CyHidWin] C:\Program Files\Cypress\TrackPad\CyHidWin.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\
FF - prefs.js: browser.search.selectedEngine - Google


FF - ExtSQL: !HIDDEN! 2012-06-29 12:47; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2013-01-20 13:40; {6e92a0b8-6457-444b-aee1-e3fd07ed1e27}; C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\extensions\{6e92a0b8-6457-444b-aee1-e3fd07ed1e27}.xpi
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-4-9 55856]
R1 cbfs3;cbfs3;C:\Windows\System32\drivers\cbfs3.sys [2013-6-13 352008]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-4-9 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-9-15 1166848]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2013-4-9 222720]
R2 ExpatShieldService;Expat Shield Service;C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [2012-1-17 331608]
R2 ExpatSrv;Expat Shield Routing Service;C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [2012-1-5 363336]
R2 ExpatWd;Expat Shield Monitoring Service;C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat --> C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [?]
R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2011-11-10 121856]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-9-28 212944]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-22 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-22 701512]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2012-4-9 199272]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-8-7 1153368]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-4-9 1695040]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-4-9 2656536]
R3 acpials;ALS Sensor Filter;C:\Windows\System32\drivers\acpials.sys [2010-11-21 9728]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-9-15 299008]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-8-29 53760]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-10-10 288768]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2013-3-14 176000]
R3 cyhid;Cypress Input Device;C:\Windows\System32\drivers\cyhid.sys [2012-4-9 125440]
R3 cykbfltrService;Cypress Keyboard Filter Driver;C:\Windows\System32\drivers\cykbfltr.sys [2012-4-9 14336]
R3 cymfltrService;Cypress Trackpad Filter Driver;C:\Windows\System32\drivers\cymfltr.sys [2012-4-9 88576]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2012-4-9 215296]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2012-4-9 70912]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-4-9 317440]
R3 irstrtdv;Intel® Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2012-4-9 26504]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2011-11-10 44992]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-9-8 25496]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-22 25928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-9-15 299008]
S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2010-4-29 32768]
S3 AX88178;ASIX AX88178 USB2.0 to Gigabit Ethernet Adapter;C:\Windows\System32\drivers\ax88178.sys [2012-4-9 56320]
S3 ExpatTrayService;Expat Shield Tray Service;C:\Program Files (x86)\Expat Shield\bin\EXPATTrayService.exe [2012-1-17 77520]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-25 238848]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2011-11-10 25024]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-4-9 158976]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-9-8 34200]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-9-16 340240]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-9-10 22528]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
S3 Tdsshbecr;Handelsbanken card reader;C:\Windows\System32\drivers\shbecr.sys [2013-2-6 50176]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-19 1255736]
S3 wxpSvc;webcamXP Service;C:\Program Files (x86)\webcamXP 5\wService.exe [2012-3-26 5404472]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2013-09-20 06:42:23 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{56D8A5F6-C4A6-4B62-992A-72AB2E392E3D}\mpengine.dll
2013-09-12 16:16:33 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-09-10 11:10:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-10 11:10:54 -------- d-----w- C:\Program Files\iTunes
2013-09-10 11:10:54 -------- d-----w- C:\Program Files\iPod
2013-09-10 11:10:54 -------- d-----w- C:\Program Files (x86)\iTunes
2013-09-10 11:10:02 -------- d-----w- C:\Program Files\Bonjour
2013-09-10 11:10:02 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-09-01 10:04:34 -------- d-----w- C:\Users\bloomie\AppData\Local\{A920CC9A-D7E2-4F94-AD2E-26FDF579E646}
.
==================== Find3M  ====================
.
2013-09-20 09:27:07 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-20 09:27:07 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-07 03:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-26 11:20:42 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-26 11:20:41 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-26 11:20:41 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 13:46:14.68 ===============
 


Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

kEVIN


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by bloomie (administrator) on TDBROWN3 on 21-09-2013 14:27:13
Running from C:\Users\bloomie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(CrashPlan) C:\Program Files\CrashPlan\CrashPlanService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
(AnchorFree Inc.) C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
() C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
() c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() c:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTHidMonitor.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Cypress Semiconductor Corporation) C:\Program Files\Cypress\TrackPad\CyCpIo.exe
(Cypress Semiconductor, Inc.) C:\Program Files\Cypress\TrackPad\CyHidWin.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Technology Nexus AB) C:\Program Files (x86)\Personal\bin\Personal.exe
(Code 42 Software, Inc.) C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Malwarebytes Secure Backup) C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(Malwarebytes Secure Backup) C:\Program Files (x86)\Malwarebytes Secure Backup\SUpdateNotifier.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSkypeDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaIPDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeV85Driver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaOneXDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraCiscoWebExConnectDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeDriver.exe
() C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CyCpIo] - C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2429440 2012-03-10] (Cypress Semiconductor Corporation)
HKLM\...\Run: [CyHidWin] - C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2371584 2012-03-10] (Cypress Semiconductor, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6414440 2011-11-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-04] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [intelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel® Corporation)
HKLM\...\Run: [bTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-28] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [482661 2011-11-03] ()
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [iSUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)
HKCU\...\Run: [Messenger (Yahoo!)] - C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKLM-x32\...\Run: [FATrayAlert] - C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [96240 2011-08-19] (Sensible Vision )
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2829241 2011-11-03] ()
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1564872 2012-06-06] (Ask)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1316248 2010-12-02] (CANON INC.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577536 2013-01-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [sOSUAUI] - C:\Program Files (x86)\Malwarebytes Secure Backup\sosuploadagent.exe [53144 2013-03-07] (Malwarebytes Secure Backup)
HKLM-x32\...\Run: [sMessaging] - C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe [63896 2013-03-07] (Malwarebytes Secure Backup)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\bloomie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
URLSearchHook: (No Name) - {a060276a-53be-45ec-8ebe-b94b1e803179} -  No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKCU - {23C9224C-ACCE-4683-AB72-D0E8996251E9} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL =
BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll (AnchorFree Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Face recognition web login for FastAccess - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
BHO-x32: Expat Shield Toolbar - {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll (Conduit Ltd.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Face recognition web login for FastAccess - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 -  No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Expat Shield Toolbar - {a060276a-53be-45ec-8ebe-b94b1e803179} - C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -  No Name - {A060276A-53BE-45EC-8EBE-B94B1E803179} -  No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default
FF user.js: detected! => C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\user.js
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google


FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer - C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @se.nexus/Personal - C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF Plugin-x32: @Sibelius.com/Scorch Plugin - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\bloomie\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Yahoo! Toolbar - C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: Expat Shield  - C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\Extensions\{a060276a-53be-45ec-8ebe-b94b1e803179}
FF Extension: No Name - C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\Extensions\{6e92a0b8-6457-444b-aee1-e3fd07ed1e27}.xpi
FF Extension: Expat Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======


CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\bloomie\AppData\Roaming\Mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Musicnotes) - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
CHR Plugin: (ScorchPlugin) - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [feocblgcojafilfbgoineopkngchgaei] - C:\Program Files (x86)\Sensible Vision\Fast Access\chrome_fasso\extension.crx
CHR HKLM-x32\...\Chrome\Extension: [feocblgcojafilfbgoineopkngchgaei] - C:\Program Files (x86)\Sensible Vision\Fast Access\chrome_fasso\extension.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [222720 2013-04-09] (CrashPlan)
R2 ExpatShieldService; C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [331608 2012-01-17] ()
S3 ExpatTrayService; C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE [77520 2012-01-17] ()
R2 ExpatWd; C:\Program Files (x86)\Expat Shield\bin\hsswd.exe [329544 2012-01-05] ()
R2 ISCTAgent; c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [121856 2011-11-10] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-03] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-05-18] (Realtek Semiconductor)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 wxpSvc; C:\Program Files (x86)\webcamXP 5\wService.exe [5404472 2012-03-26] (Moonware Studios)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S3 AX88178; C:\Windows\System32\DRIVERS\ax88178.sys [56320 2009-10-02] (ASIX Electronics Corp.)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R3 cyhid; C:\Windows\System32\DRIVERS\cyhid.sys [125440 2012-02-20] (Cypress Semiconductor, Inc.)
R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [14336 2012-03-10] (Cypress Semiconductor, Inc.)
R3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [88576 2012-03-10] (Cypress Semiconductor, Inc.)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [70912 2011-10-04] (Fresco Logic)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25024 2011-11-10] ()
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2011-11-10] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-28] (Todos Data System AB)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 TDKLIB; \??\C:\Users\bloomie\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-21 14:27 - 2013-09-21 14:27 - 00000000 ____D C:\FRST
2013-09-21 14:26 - 2013-09-21 14:26 - 01956670 _____ (Farbar) C:\Users\bloomie\Desktop\FRST64.exe
2013-09-21 14:02 - 2013-09-21 14:02 - 00003012 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest-Retry
2013-09-21 13:46 - 2013-09-21 13:46 - 00033784 _____ C:\Users\bloomie\Desktop\dds.txt
2013-09-21 13:46 - 2013-09-21 13:46 - 00013255 _____ C:\Users\bloomie\Desktop\attach.txt
2013-09-21 13:45 - 2013-09-21 13:45 - 00688992 ____R (Swearware) C:\Users\bloomie\Desktop\dds.scr
2013-09-21 12:13 - 2013-09-21 13:45 - 00002080 _____ C:\Users\bloomie\Desktop\Rkill.txt
2013-09-20 12:59 - 2013-09-21 11:56 - 00089621 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 27 9 13 MASTER.xlsx
2013-09-19 15:34 - 2013-09-19 15:34 - 00089458 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13 MASTER2.xlsx
2013-09-16 12:32 - 2013-09-16 12:35 - 03387418 _____ C:\Users\bloomie\Documents\Troux Technology Portfolio Management.pptx
2013-09-16 09:20 - 2013-09-16 09:20 - 00017038 _____ C:\Users\bloomie\Documents\Evaluation Metrics for EA Tool - Xspera Troux.xlsx
2013-09-14 08:48 - 2013-08-10 06:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-14 08:48 - 2013-08-10 06:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-14 08:48 - 2013-08-10 06:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-14 08:48 - 2013-08-10 06:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-14 08:48 - 2013-08-10 06:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-14 08:48 - 2013-08-10 06:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-14 08:48 - 2013-08-10 04:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-14 08:48 - 2013-08-10 04:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-14 08:48 - 2013-08-10 04:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-14 08:48 - 2013-08-10 04:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-14 08:48 - 2013-08-10 03:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-14 08:48 - 2013-08-10 03:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 16:16 - 2013-09-19 15:33 - 00089458 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13.xlsx
2013-09-13 13:38 - 2013-09-13 14:21 - 00089918 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13 MASTER.xlsx
2013-09-12 17:16 - 2013-08-08 02:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 17:16 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 17:16 - 2013-08-02 03:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 17:16 - 2013-08-02 03:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 17:16 - 2013-08-02 03:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 17:16 - 2013-08-02 03:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 17:16 - 2013-08-02 03:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 17:16 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 17:16 - 2013-08-02 03:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 17:16 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 17:16 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 17:16 - 2013-08-02 02:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 17:16 - 2013-08-02 02:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 17:16 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 17:16 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 17:16 - 2013-08-02 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 17:16 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 17:16 - 2013-08-02 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 17:16 - 2013-08-02 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 17:16 - 2013-08-02 01:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 17:16 - 2013-08-02 01:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 17:16 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 17:16 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 17:16 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 17:16 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 17:16 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 10:52 - 2013-09-12 10:52 - 00055191 _____ C:\Users\bloomie\Documents\Neste Oil OD 1.3.xlsx
2013-09-12 10:49 - 2013-09-12 10:49 - 00054895 _____ C:\Users\bloomie\Documents\Neste Oil 1.2.xlsx
2013-09-12 10:11 - 2013-09-12 10:11 - 00046341 _____ C:\Users\bloomie\Documents\Bombardier OD min 1314 1.1.xlsx
2013-09-12 09:16 - 2013-09-12 09:16 - 00046293 _____ C:\Users\bloomie\Documents\Bombardier OD min 1314.xlsx
2013-09-12 08:45 - 2013-09-12 09:19 - 00055192 _____ C:\Users\bloomie\Documents\Neste Oil 1.1.xlsx
2013-09-11 09:54 - 2013-09-11 10:05 - 00055185 _____ C:\Users\bloomie\Documents\Neste Oil.xlsx
2013-09-10 12:11 - 2013-09-10 12:11 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-10 12:10 - 2013-09-10 12:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-10 12:10 - 2013-09-10 12:11 - 00000000 ____D C:\Program Files\iTunes
2013-09-10 12:10 - 2013-09-10 12:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\iPod
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\Bonjour
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-10 11:29 - 2013-09-10 11:29 - 00204047 _____ C:\Users\bloomie\Documents\Customer Success Story - Fidelity International.pptx
2013-09-10 11:28 - 2013-09-10 11:28 - 00199822 _____ C:\Users\bloomie\Documents\Customer Success Story - Freshfields.pptx
2013-09-09 13:48 - 2013-09-09 13:48 - 00052342 _____ C:\Users\bloomie\Documents\BSH maint 2013.xlsx
2013-09-06 14:07 - 2013-09-13 14:17 - 00090086 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 13..9 13 MASTER.xlsx
2013-09-06 14:07 - 2013-09-06 14:07 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 13..9 13 MASTER.xlsx
2013-09-06 10:32 - 2013-09-06 10:32 - 00012648 _____ C:\Users\bloomie\Documents\EMEA Q3 6.9.xlsx
2013-09-06 10:32 - 2013-09-06 10:32 - 00000165 ____H C:\Users\bloomie\Documents\~$EMEA Q3 6.9.xlsx
2013-09-06 09:57 - 2013-09-06 10:16 - 00009957 _____ C:\Users\bloomie\Documents\EMEA Q3 6.9.htm
2013-09-06 09:57 - 2013-09-06 10:16 - 00000000 ____D C:\Users\bloomie\Documents\EMEA Q3 6.9_files
2013-09-05 14:21 - 2013-09-05 14:21 - 00092081 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 6.9.13 MASTER.xlsx
2013-09-05 14:21 - 2013-09-05 14:21 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 6.9.13 MASTER.xlsx
2013-09-03 15:19 - 2013-09-03 15:19 - 00052382 _____ C:\Users\bloomie\Documents\GfK maint 1.2.xlsx
2013-09-01 11:04 - 2013-09-01 11:04 - 00000000 ____D C:\Users\bloomie\AppData\Local\{A920CC9A-D7E2-4F94-AD2E-26FDF579E646}
2013-08-30 13:04 - 2013-08-30 13:04 - 00092081 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 5.9. 13 MASTER.xlsx
2013-08-30 13:04 - 2013-08-30 13:04 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 5.9. 13 MASTER.xlsx
2013-08-28 10:52 - 2013-08-28 10:52 - 00000165 ____H C:\Users\bloomie\Documents\~$BCS Swedbank Support OU 2012.xlsx
2013-08-28 10:52 - 2013-08-28 10:52 - 00000165 ____H C:\Users\bloomie\Documents\~$BCS Swedbank Support OU 2011.xlsx
2013-08-27 08:56 - 2013-08-27 08:59 - 00985267 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 4.xlsx
2013-08-27 08:56 - 2013-08-27 08:56 - 00000165 ____H C:\Users\bloomie\Documents\~$Appendix 6 RFQ Response EAM 1 4.xlsx
2013-08-26 19:02 - 2013-08-26 19:02 - 00985297 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 3.xlsx
2013-08-26 18:09 - 2013-08-26 18:09 - 00985259 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 2.xlsx
2013-08-26 17:50 - 2013-08-26 17:50 - 04084736 _____ C:\Users\bloomie\Documents\National Grid_TD UK_2011.ppt
2013-08-26 17:48 - 2013-08-26 17:49 - 04083200 _____ C:\Users\bloomie\Downloads\National Grid_TD UK_2011.ppt
2013-08-26 13:24 - 2013-08-26 18:08 - 00985288 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1.2.xlsx
2013-08-26 11:56 - 2013-08-26 11:56 - 00969167 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1.1.xlsx
2013-08-26 10:36 - 2013-08-26 18:08 - 00053152 _____ C:\Users\bloomie\Documents\Scania quote.xlsx
2013-08-26 10:15 - 2013-08-26 10:15 - 00054227 _____ C:\Users\bloomie\Documents\Scania - Ph II 1.1.xlsx
2013-08-26 10:05 - 2013-08-26 11:38 - 00054153 _____ C:\Users\bloomie\Documents\Scania - Ph I 1.1.xlsx
2013-08-23 16:17 - 2013-08-23 16:19 - 00014118 _____ C:\Users\bloomie\Documents\EMEA Q3.xlsx
2013-08-23 16:13 - 2013-08-23 16:15 - 00009922 _____ C:\Users\bloomie\Documents\EMEA Q3.htm
2013-08-23 16:13 - 2013-08-23 16:15 - 00000000 ____D C:\Users\bloomie\Documents\EMEA Q3_files

==================== One Month Modified Files and Folders =======

2013-09-21 14:27 - 2013-09-21 14:27 - 00000000 ____D C:\FRST
2013-09-21 14:27 - 2012-04-09 14:39 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-21 14:26 - 2013-09-21 14:26 - 01956670 _____ (Farbar) C:\Users\bloomie\Desktop\FRST64.exe
2013-09-21 14:24 - 2012-04-09 14:38 - 01960183 _____ C:\Windows\WindowsUpdate.log
2013-09-21 14:23 - 2013-04-12 11:51 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-21 14:23 - 2012-05-14 22:31 - 00000000 ____D C:\Users\bloomie\Documents\Outlook Files
2013-09-21 14:03 - 2009-07-14 05:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-21 14:03 - 2009-07-14 05:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-21 14:02 - 2013-09-21 14:02 - 00003012 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest-Retry
2013-09-21 14:02 - 2009-07-14 06:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-21 13:57 - 2013-06-13 07:27 - 00000490 _____ C:\Windows\Tasks\Online Backup Update Notifier.job
2013-09-21 13:57 - 2013-04-12 11:51 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-21 13:57 - 2012-04-09 15:07 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-09-21 13:57 - 2012-04-09 15:07 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-09-21 13:57 - 2012-04-09 14:59 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-09-21 13:56 - 2013-03-17 10:55 - 00014800 _____ C:\Windows\setupact.log
2013-09-21 13:56 - 2013-01-21 23:06 - 00070220 _____ C:\Windows\PFRO.log
2013-09-21 13:56 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-21 13:46 - 2013-09-21 13:46 - 00033784 _____ C:\Users\bloomie\Desktop\dds.txt
2013-09-21 13:46 - 2013-09-21 13:46 - 00013255 _____ C:\Users\bloomie\Desktop\attach.txt
2013-09-21 13:45 - 2013-09-21 13:45 - 00688992 ____R (Swearware) C:\Users\bloomie\Desktop\dds.scr
2013-09-21 13:45 - 2013-09-21 12:13 - 00002080 _____ C:\Users\bloomie\Desktop\Rkill.txt
2013-09-21 11:56 - 2013-09-20 12:59 - 00089621 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 27 9 13 MASTER.xlsx
2013-09-20 14:29 - 2013-05-22 11:04 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-09-20 14:25 - 2012-05-18 07:49 - 00000000 ____D C:\Users\bloomie\AppData\Roaming\Webex
2013-09-20 10:27 - 2012-04-09 14:39 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 10:27 - 2012-04-09 14:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 10:27 - 2012-04-09 14:39 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-19 15:34 - 2013-09-19 15:34 - 00089458 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13 MASTER2.xlsx
2013-09-19 15:33 - 2013-09-13 16:16 - 00089458 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13.xlsx
2013-09-19 06:32 - 2013-04-12 11:52 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-18 15:57 - 2012-07-03 14:09 - 00000000 ____D C:\Users\bloomie\AppData\Local\CrashDumps
2013-09-17 15:04 - 2013-05-22 11:04 - 00000000 ____D C:\Program Files\My Dell
2013-09-17 15:04 - 2012-05-11 20:00 - 00000000 ____D C:\ProgramData\PCDr
2013-09-17 09:46 - 2012-05-31 08:12 - 00000000 ____D C:\Users\bloomie\AppData\Local\Deployment
2013-09-16 14:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 12:35 - 2013-09-16 12:32 - 03387418 _____ C:\Users\bloomie\Documents\Troux Technology Portfolio Management.pptx
2013-09-16 09:20 - 2013-09-16 09:20 - 00017038 _____ C:\Users\bloomie\Documents\Evaluation Metrics for EA Tool - Xspera Troux.xlsx
2013-09-14 22:53 - 2012-05-11 16:29 - 00000000 ___RD C:\Users\bloomie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-14 22:53 - 2012-05-11 16:29 - 00000000 ___RD C:\Users\bloomie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-14 18:24 - 2009-07-14 05:45 - 00380720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-14 08:48 - 2013-07-12 09:44 - 00000000 ____D C:\Windows\system32\MRT
2013-09-14 08:47 - 2012-06-21 18:46 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-14 08:46 - 2012-05-11 16:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 14:21 - 2013-09-13 13:38 - 00089918 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13 MASTER.xlsx
2013-09-13 14:17 - 2013-09-06 14:07 - 00090086 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 13..9 13 MASTER.xlsx
2013-09-12 10:52 - 2013-09-12 10:52 - 00055191 _____ C:\Users\bloomie\Documents\Neste Oil OD 1.3.xlsx
2013-09-12 10:49 - 2013-09-12 10:49 - 00054895 _____ C:\Users\bloomie\Documents\Neste Oil 1.2.xlsx
2013-09-12 10:11 - 2013-09-12 10:11 - 00046341 _____ C:\Users\bloomie\Documents\Bombardier OD min 1314 1.1.xlsx
2013-09-12 09:19 - 2013-09-12 08:45 - 00055192 _____ C:\Users\bloomie\Documents\Neste Oil 1.1.xlsx
2013-09-12 09:16 - 2013-09-12 09:16 - 00046293 _____ C:\Users\bloomie\Documents\Bombardier OD min 1314.xlsx
2013-09-11 10:05 - 2013-09-11 09:54 - 00055185 _____ C:\Users\bloomie\Documents\Neste Oil.xlsx
2013-09-10 12:12 - 2013-05-28 22:10 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-10 12:11 - 2013-09-10 12:11 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-10 12:11 - 2013-09-10 12:10 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-10 12:11 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\iTunes
2013-09-10 12:11 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\iPod
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\Bonjour
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-10 11:29 - 2013-09-10 11:29 - 00204047 _____ C:\Users\bloomie\Documents\Customer Success Story - Fidelity International.pptx
2013-09-10 11:28 - 2013-09-10 11:28 - 00199822 _____ C:\Users\bloomie\Documents\Customer Success Story - Freshfields.pptx
2013-09-09 13:48 - 2013-09-09 13:48 - 00052342 _____ C:\Users\bloomie\Documents\BSH maint 2013.xlsx
2013-09-07 10:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-06 14:07 - 2013-09-06 14:07 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 13..9 13 MASTER.xlsx
2013-09-06 10:32 - 2013-09-06 10:32 - 00012648 _____ C:\Users\bloomie\Documents\EMEA Q3 6.9.xlsx
2013-09-06 10:32 - 2013-09-06 10:32 - 00000165 ____H C:\Users\bloomie\Documents\~$EMEA Q3 6.9.xlsx
2013-09-06 10:16 - 2013-09-06 09:57 - 00009957 _____ C:\Users\bloomie\Documents\EMEA Q3 6.9.htm
2013-09-06 10:16 - 2013-09-06 09:57 - 00000000 ____D C:\Users\bloomie\Documents\EMEA Q3 6.9_files
2013-09-05 14:21 - 2013-09-05 14:21 - 00092081 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 6.9.13 MASTER.xlsx
2013-09-05 14:21 - 2013-09-05 14:21 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 6.9.13 MASTER.xlsx
2013-09-04 10:50 - 2013-08-07 09:29 - 00052403 _____ C:\Users\bloomie\Documents\GfK maint 1.1.xlsx
2013-09-03 15:19 - 2013-09-03 15:19 - 00052382 _____ C:\Users\bloomie\Documents\GfK maint 1.2.xlsx
2013-09-01 11:04 - 2013-09-01 11:04 - 00000000 ____D C:\Users\bloomie\AppData\Local\{A920CC9A-D7E2-4F94-AD2E-26FDF579E646}
2013-09-01 11:04 - 2012-08-16 13:56 - 00000000 ____D C:\Users\bloomie\AppData\Local\Windows Live
2013-08-30 13:04 - 2013-08-30 13:04 - 00092081 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 5.9. 13 MASTER.xlsx
2013-08-30 13:04 - 2013-08-30 13:04 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 5.9. 13 MASTER.xlsx
2013-08-28 10:52 - 2013-08-28 10:52 - 00000165 ____H C:\Users\bloomie\Documents\~$BCS Swedbank Support OU 2012.xlsx
2013-08-28 10:52 - 2013-08-28 10:52 - 00000165 ____H C:\Users\bloomie\Documents\~$BCS Swedbank Support OU 2011.xlsx
2013-08-27 08:59 - 2013-08-27 08:56 - 00985267 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 4.xlsx
2013-08-27 08:56 - 2013-08-27 08:56 - 00000165 ____H C:\Users\bloomie\Documents\~$Appendix 6 RFQ Response EAM 1 4.xlsx
2013-08-26 19:02 - 2013-08-26 19:02 - 00985297 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 3.xlsx
2013-08-26 18:09 - 2013-08-26 18:09 - 00985259 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 2.xlsx
2013-08-26 18:08 - 2013-08-26 13:24 - 00985288 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1.2.xlsx
2013-08-26 18:08 - 2013-08-26 10:36 - 00053152 _____ C:\Users\bloomie\Documents\Scania quote.xlsx
2013-08-26 17:50 - 2013-08-26 17:50 - 04084736 _____ C:\Users\bloomie\Documents\National Grid_TD UK_2011.ppt
2013-08-26 17:49 - 2013-08-26 17:48 - 04083200 _____ C:\Users\bloomie\Downloads\National Grid_TD UK_2011.ppt
2013-08-26 11:56 - 2013-08-26 11:56 - 00969167 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1.1.xlsx
2013-08-26 11:38 - 2013-08-26 10:05 - 00054153 _____ C:\Users\bloomie\Documents\Scania - Ph I 1.1.xlsx
2013-08-26 10:15 - 2013-08-26 10:15 - 00054227 _____ C:\Users\bloomie\Documents\Scania - Ph II 1.1.xlsx
2013-08-25 11:02 - 2013-08-16 13:17 - 00092601 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR -23.8.13 MASTER.xlsx
2013-08-23 16:19 - 2013-08-23 16:17 - 00014118 _____ C:\Users\bloomie\Documents\EMEA Q3.xlsx
2013-08-23 16:15 - 2013-08-23 16:13 - 00009922 _____ C:\Users\bloomie\Documents\EMEA Q3.htm
2013-08-23 16:15 - 2013-08-23 16:13 - 00000000 ____D C:\Users\bloomie\Documents\EMEA Q3_files

Files to move or delete:
====================
C:\ProgramData\1594393.bat
C:\ProgramData\1594393.js
C:\ProgramData\1594393.pad
C:\ProgramData\1594393.reg

Some content of TEMP:
====================
C:\Users\bloomie\AppData\Local\Temp\conduitinstaller.exe
C:\Users\bloomie\AppData\Local\Temp\contentDATs.exe
C:\Users\bloomie\AppData\Local\Temp\ffunzip.exe
C:\Users\bloomie\AppData\Local\Temp\LDCFAD.tmp.exe
C:\Users\bloomie\AppData\Local\Temp\mssinstaller.exe
C:\Users\bloomie\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\bloomie\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-21 12:54

==================== End Of Log ============================

 


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2013
Ran by bloomie at 2013-09-21 14:27:49
Running from C:\Users\bloomie\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs ======================

2600 (x32 Version: 130.0.365.000)
2600_Help (x32 Version: 82.0.242.000)
2600Trb (x32 Version: 82.0.242.000)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Accidental Damage Services Agreement (x32 Version: 2.0.0)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Community Help (x32 Version: 3.2.1)
Adobe Community Help (x32 Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Photoshop Elements 9 (x32 Version: 9.0)
Adobe Premiere Elements 9 (x32 Version: 9.0)
Adobe Reader X MUI (x32 Version: 10.0.0)
Advanced Audio FX Engine (x32 Version: 1.12.05)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000)
AIO_CDB_Software (x32 Version: 130.0.365.000)
AIO_Scan (x32 Version: 130.0.421.000)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Ask Toolbar (x32 Version: 1.15.4.0)
Banctec Service Agreement (x32 Version: 2.0.0)
BankID Security Application (x32 Version: 4.19.1)
Blio (x32 Version: 2.3.7140)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 130.0.331.000)
Canon MP Navigator EX 4.0 (x32)
Canon MP280 series MP Drivers
Canon My Printer (x32)
Canon Solution Menu EX (x32)
CCleaner (Version: 3.26)
Cisco WebEx Meetings (x32)
Citrix XenApp Web Plugin (x32 Version: 11.0.0.5357)
Complete Care Business Service Agreement (x32 Version: 2.0.0)
Consumer In-Home Service Agreement (x32 Version: 2.0.0)
Copy (x32 Version: 130.0.428.000)
Cozi (x32 Version: 1.0.6505.38692)
CrashPlan (Version: 3.5.3)
CrashPlan (x32 Version: 3.5.3)
Cypress TrackPad (Version: 2.3.6.33)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.67)
Dell DataSafe Local Backup (x32 Version: 9.4.67)
Dell Digital Delivery (x32 Version: 2.2.2000.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Home Systems Service Agreement (x32 Version: 2.0.0)
Dell MusicStage (x32 Version: 1.6.225.0)
Dell PhotoStage (x32 Version: 1.5.0.130)
Dell Stage (x32 Version: 1.6.301.0)
Dell Stage Remote (x32 Version: 2.0.0.43)
Dell VideoStage  (x32 Version: 1.3.0.2513)
Dell Webcam Central (x32 Version: 2.01.18)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
DocProc (x32 Version: 13.0.0.0)
Elements 9 Organizer (x32 Version: 9.0)
Elements STI Installer (x32 Version: 1.0)
Expat Shield 2.25 (x32 Version: 2.25)
Expat Shield Toolbar (x32 Version: 6.15.0.27)
Face Recognition (Version: 3.1.70.1)
Fax (x32 Version: 130.0.418.000)
Google Chrome (x32 Version: 29.0.1547.76)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Google Update Helper (x32 Version: 1.3.21.153)
GoToMeeting 5.5.0.1133 (HKCU Version: 5.5.0.1133)
Handelsbanken card reader (x32 Version: 1.00.0000)
HiJackThis (x32 Version: 1.0.0)
HP Customer Participation Program 13.0 (Version: 13.0)
HP FWUpdateEDO2 (x32 Version: 1.2.0.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart 7520 series Basic Device Software (Version: 28.0.1315.0)
HP Photosmart 7520 series Help (x32 Version: 28.0.0)
HP Photosmart 7520 series Product Improvement Study (Version: 28.0.1315.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Update (x32 Version: 5.005.000.002)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPSSupply (x32 Version: 130.0.371.000)
iCloud (Version: 2.1.2.8)
Intel PROSet Wireless
Intel PROSet Wireless (x32)
Intel® Identity Protection Technology 1.2.22.0 (x32 Version: 1.2.22.0)
Intel® Management Engine Components (x32 Version: 7.0.0.1144)
Intel® Processor Graphics (x32 Version: 8.15.10.2455)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.2.1.0608)
Intel® PROSet/Wireless WiFi Software (Version: 14.2.1000)
Intel® Rapid Start Technology (x32 Version: 1.0.0.1008)
Intel® Smart Connect Technology 2.0 x64 (Version: 2.0.871.0)
Intel® WiDi (x32 Version: 2.2.14.0)
Intel® Wireless Display
iTunes (Version: 11.0.5.5)
Jabra PC Suite 2.8.1972 (x32 Version: 2.8.1972.0)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
join.me (HKCU Version: 1.3.1.429)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
jZip (x32)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Malwarebytes Secure Backup (x32 Version: 5.6.0.3526)
MarketResearch (x32 Version: 130.0.374.000)
McAfee Security Scan Plus (x32 Version: 2.1.121.2)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Live Meeting 2007 (x32 Version: 8.0.6362.215)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 16.0.2 (x86 en-US) (x32 Version: 16.0.2)
Mozilla Maintenance Service (x32 Version: 16.0.2)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Musicnotes Software Suite 1.7.2 (x32 Version: 1.7.2)
My Dell (Version: 3.4.6308.28)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
Premium Service Agreement (x32 Version: 2.0.0)
QualxServ Service Agreement (x32 Version: 2.0.0)
Quickset64 (Version: 11.1.10)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6499)
Scan (x32 Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (x32 Version: 6.11.13348)
Skype™ 6.6 (x32 Version: 6.6.106)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090)
SmartWebPrinting (x32 Version: 130.0.457.000)
SopCast 3.5.0 (x32 Version: 3.5.0)
Sopcast Ask Toolbar Updater (HKCU Version: 1.2.2.23821)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Status (x32 Version: 130.0.469.000)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
UnloadSupport (x32 Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Vidyo Desktop 2.2.2 - (bloomie) (HKCU Version: 2.2.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Vodafone Mobile Connect Lite (x32 Version: 3.2.2.182)
WebCam Monitor 5.2 (x32)
webcamXP 5 (x32 Version: 5.5.1.5 )
WebEx Productivity Tools (x32 Version: 2.32.600.15258)
WebReg (x32 Version: 130.0.132.017)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Yahoo! Messenger (x32)
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)
Zinio Reader 4 (x32 Version: 4.2.4164)

==================== Restore Points  =========================

06-09-2013 07:08:29 Windows Update
10-09-2013 06:40:57 Windows Update
13-09-2013 09:47:10 Windows Update
14-09-2013 07:41:41 Windows Update
20-09-2013 06:42:15 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-01-21 23:06 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00CEA31E-9E7F-4384-8A82-150CFAF4A7AC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {0CE6D749-90A4-463A-8605-B8B544BB48C1} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {0CF4FBA0-A649-4A18-8060-F2AAE307B476} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe
Task: {18CE9C16-36E0-4828-B462-119D2C5F5B38} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-06] (PC-Doctor, Inc.)
Task: {2FE966FE-339D-479D-92A1-C1F5AFB12964} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {5143718B-EE81-4CD1-8031-267EF07B03E1} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {574C2C59-1694-4846-84F7-5135CFB3C4DC} - System32\Tasks\Online Backup Update Notifier => C:\Program Files (x86)\Malwarebytes Secure Backup\SUpdateNotifier.exe [2013-03-07] (Malwarebytes Secure Backup)
Task: {822A82FC-00C0-4DEE-A4AD-BE1A7F63885F} - System32\Tasks\SystemToolsDailyTest-Retry => C:\Windows\System32\uaclauncher.exe
Task: {9414AFD3-870E-40C2-8B3C-E6558D07C29A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {991C3B44-0173-49C1-AE54-A8A344536947} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D8EFE6F3-025B-4DB2-9969-01F84B1B97D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-12] (Google Inc.)
Task: {DF884307-1A58-4CD1-AA0E-6D462943721E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {F49333A9-EC44-45BE-80FD-06366FA1FB65} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-06-06] ()
Task: {F58E081F-A104-422C-BDFC-C18BD4F5AFBE} - System32\Tasks\AdobeAAMUpdater-1.0-tdbrown3-bloomie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {F7BA16D1-47FE-47D0-9820-A0407B4E8DBF} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-09-06] (PC-Doctor, Inc.)
Task: {FB73F6C4-F51C-47CF-BC6F-4A822EADDB87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-12] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Online Backup Update Notifier.job => C:\Program Files (x86)\Malwarebytes Secure Backup\SUpdateNotifier.exe
Task: C:\Windows\Tasks\SidebarExecute.job => C:\Program Files\Windows Sidebar\sidebar.exe

==================== Loaded Modules (whitelisted) =============

2012-04-09 16:13 - 2011-07-20 00:10 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrENU.lrc
2012-07-02 13:06 - 2012-06-17 14:22 - 00686080 _____ (Bandoo media inc) C:\Program Files (x86)\jZip\jZipShell64x.dll
2012-04-09 16:12 - 2010-11-04 04:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2012-04-09 16:12 - 2011-11-08 22:30 - 02361448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2012-04-09 16:12 - 2011-10-12 00:44 - 00946520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2012-04-09 16:13 - 2011-07-20 00:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-15 23:46 - 2011-09-15 23:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-02-06 14:30 - 2013-02-06 14:30 - 01055744 _____ (Robert Simpson, et al.) C:\Program Files (x86)\Malwarebytes Secure Backup\x64\System.Data.SQLite.dll
2013-03-07 12:53 - 2013-03-07 12:53 - 00027544 _____ () C:\Program Files (x86)\Malwarebytes Secure Backup\SOS.Contracts.CentralManagement.dll
2012-12-24 20:39 - 2012-03-14 06:00 - 00780288 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNMDRAA.DLL
2012-12-24 20:39 - 2012-03-14 06:00 - 03769344 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNMUIAA.DLL
2013-08-08 20:30 - 2013-07-17 09:53 - 01250080 _____ (Conduit Ltd.) C:\Users\bloomie\AppData\LocalLow\Expat_Shield\hk64tbExpa.dll
2010-03-17 02:28 - 2010-03-17 02:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 21:52 - 2010-03-22 21:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-17 02:28 - 2010-03-17 02:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-17 02:28 - 2010-03-17 02:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-25 05:20 - 2011-06-25 05:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2011-06-28 01:25 - 2011-06-28 01:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-06-25 05:21 - 2011-06-25 05:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
2010-03-12 01:52 - 2010-03-12 01:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 21:07 - 2010-03-05 21:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 21:07 - 2010-03-05 21:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-12 01:52 - 2010-03-12 01:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2011-11-03 22:11 - 2011-11-03 22:11 - 18858496 _____ (Unlimited Realities) C:\Program Files (x86)\Dell Stage\Dell Stage\libumajin.dll
2011-11-03 22:11 - 2011-11-03 22:11 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
2011-11-03 22:11 - 2011-11-03 22:11 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
2012-04-17 15:39 - 2012-04-17 15:39 - 00795032 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\tokenapi.dll
2012-04-17 15:44 - 2012-04-17 15:44 - 00481176 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\branding.dll
2012-04-17 15:44 - 2012-04-17 15:44 - 00083864 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\br_enu.dll
2012-04-17 15:44 - 2012-04-17 15:44 - 00723864 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_dan.dll
2012-04-17 15:44 - 2012-04-17 15:44 - 00725400 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_fin.dll
2012-04-17 15:44 - 2012-04-17 15:44 - 00104856 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_frfr.dll
2012-04-17 15:44 - 2012-04-17 15:44 - 00721304 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_nor.dll
2012-04-17 15:44 - 2012-04-17 15:44 - 00102808 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_plpl.dll
2012-04-17 15:44 - 2012-04-17 15:44 - 00103320 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_svse.dll
2012-05-16 12:20 - 2012-05-16 12:20 - 00078848 _____ (GN  A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\GNDeviceInterface.dll
2011-11-03 22:11 - 2011-11-03 22:11 - 18858496 _____ (Unlimited Realities) C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libumajin.dll
2011-11-03 22:11 - 2011-11-03 22:11 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2011-11-03 22:11 - 2011-11-03 22:11 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00053648 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-05-16 12:20 - 2012-05-16 12:20 - 00049664 _____ (GN  AS) C:\Program Files (x86)\Jabra\Jabra PC Suite\AvayaIP_InterfaceApi.dll
2012-05-16 12:19 - 2012-05-16 12:19 - 01191936 _____ (Avaya) C:\Program Files (x86)\Jabra\Jabra PC Suite\HeadSetInterface.dll
2012-01-17 22:21 - 2012-01-17 22:21 - 00009544 _____ () C:\Program Files (x86)\Expat Shield\bin\lang\gui-eng.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-12-21 01:15 - 2010-12-21 01:15 - 01041248 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2009-07-14 01:18 - 2009-07-14 02:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2013-07-17 09:53 - 2013-07-17 09:53 - 00226592 _____ (Conduit Ltd.) C:\Program Files (x86)\Expat_Shield\prxtbExpa.dll
2013-08-08 20:30 - 2013-07-17 09:53 - 00332576 _____ (Conduit Ltd.) C:\Users\bloomie\AppData\LocalLow\Expat_Shield\ldrtbExpa.dll
2013-08-08 20:30 - 2013-07-17 09:53 - 05134624 _____ (Conduit Ltd.) C:\Users\bloomie\AppData\LocalLow\Expat_Shield\tbExpa.dll
2013-08-08 20:30 - 2013-07-17 09:53 - 01053984 _____ (Conduit Ltd.) C:\Users\bloomie\AppData\LocalLow\Expat_Shield\hktbExpa.dll
2013-08-08 20:30 - 2012-01-05 00:02 - 00233288 _____ (AnchorFree Inc.) C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
2012-06-06 21:33 - 2012-06-06 21:33 - 01519304 _____ (Ask) C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
2011-08-19 17:34 - 2011-08-19 17:34 - 00593904 _____ (Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
2011-08-19 17:34 - 2011-08-19 17:34 - 06776816 _____ (Sensible Vision ) C:\Windows\system32\FAIESSODlg.dll
2011-08-19 17:34 - 2011-08-19 17:34 - 00095216 _____ () C:\Windows\system32\FAIEExtension.DLL
2013-09-20 10:27 - 2013-09-20 10:27 - 16244616 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_175.ocx

==================== Alternate Data Streams (whitelisted) ======

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2013 01:56:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 01:56:38 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x32

Error: (09/21/2013 01:56:38 PM) (Source: ISCT Agent) (User: )
Description: RegInit   OEM default registry path does not exist.

Error: (09/21/2013 00:55:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/21/2013 00:05:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 00:05:18 PM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x32

Error: (09/21/2013 00:05:18 PM) (Source: ISCT Agent) (User: )
Description: RegInit   OEM default registry path does not exist.

Error: (09/21/2013 11:57:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 11:57:21 AM) (Source: ISCT Agent) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x32

Error: (09/21/2013 11:57:21 AM) (Source: ISCT Agent) (User: )
Description: RegInit   OEM default registry path does not exist.

System errors:
=============
Error: (09/21/2013 01:56:40 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (09/21/2013 00:05:20 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (09/21/2013 11:57:23 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (09/19/2013 05:08:36 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 2.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (09/19/2013 05:08:25 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 2.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (09/19/2013 05:08:25 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 2.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (09/19/2013 05:08:25 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 2.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (09/19/2013 05:08:25 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 2.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (09/19/2013 03:31:41 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 2.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (09/18/2013 07:59:12 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Microsoft Office Sessions:
=========================
Error: (09/21/2013 01:56:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 01:56:38 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x32

Error: (09/21/2013 01:56:38 PM) (Source: ISCT Agent)(User: )
Description: RegInit   OEM default registry path does not exist.

Error: (09/21/2013 00:55:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (09/21/2013 00:05:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 00:05:18 PM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x32

Error: (09/21/2013 00:05:18 PM) (Source: ISCT Agent)(User: )
Description: RegInit   OEM default registry path does not exist.

Error: (09/21/2013 11:57:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 11:57:21 AM) (Source: ISCT Agent)(User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x32

Error: (09/21/2013 11:57:21 AM) (Source: ISCT Agent)(User: )
Description: RegInit   OEM default registry path does not exist.

CodeIntegrity Errors:
===================================
  Date: 2013-01-21 21:56:58.831
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-01-21 21:56:58.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 73%
Total physical RAM: 3406.59 MB
Available physical RAM: 910.43 MB
Total Pagefile: 6811.37 MB
Available Pagefile: 3559.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:92.95 GB) (Free:6.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119 GB) (Disk ID: 06121EE9)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=93 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

==================== End Of Log ============================


Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST/FRST64 and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next,

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next,

Open Malwarebytes, check for updates then run Quick scan. Full instructions follow if Malwarebytes is not installed:

Download Malwarebytes from one of the following links and save it to your desktop:

http://www.malwarebytes.org/mbam.php

http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Double Click mbam-setup.exe to install the application.


Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Let me see those logs..

Kevin

fixlist.txt


# AdwCleaner v3.004 - Report created 21/09/2013 at 15:58:55
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : bloomie - TDBROWN3
# Running from : C:\Users\bloomie\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Expat Shield
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expat Shield
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\jZip
[!] Folder Deleted : C:\Program Files (x86)\Expat Shield
Folder Deleted : C:\Program Files (x86)\Expat_Shield
Folder Deleted : C:\Users\bloomie\AppData\Local\Conduit
Folder Deleted : C:\Users\bloomie\AppData\Local\jZip
Folder Deleted : C:\Users\bloomie\AppData\Local\Temp\jZip
Folder Deleted : C:\Users\bloomie\AppData\Local\Temp\CT2549263
Folder Deleted : C:\Users\bloomie\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\bloomie\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\bloomie\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\bloomie\AppData\LocalLow\Expat_Shield
Folder Deleted : C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\Extensions\{a060276a-53be-45ec-8ebe-b94b1e803179}
File Deleted : C:\Users\Public\Desktop\jZip.lnk
File Deleted : C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\user.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2549263
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D859F3EB-B5F1-47D0-9839-6DF8B311E450}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D859F3EB-B5F1-47D0-9839-6DF8B311E450}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A060276A-53BE-45EC-8EBE-B94B1E803179}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D859F3EB-B5F1-47D0-9839-6DF8B311E450}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1A0F27E-6EB9-4262-A990-C2728F31F9BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1606807-D12F-45F9-9DB0-682E00BC9121}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A060276A-53BE-45EC-8EBE-B94B1E803179}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Expat_Shield
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\jZip
Key Deleted : HKLM\Software\Expat_Shield
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Expat_Shield Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Mozilla Firefox v16.0.2 (en-US)

[ File : C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [11329 octets] - [21/09/2013 15:55:20]
AdwCleaner[s0].txt - [10970 octets] - [21/09/2013 15:58:55]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [11031 octets] ##########


Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.20.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
bloomie :: TDBROWN3 [administrator]

Protection: Enabled

21/09/13 16:02:53
mbam-log-2013-09-21 (16-02-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223308
Time elapsed: 3 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by bloomie (administrator) on TDBROWN3 on 21-09-2013 16:44:36
Running from C:\Users\bloomie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(CrashPlan) C:\Program Files\CrashPlan\CrashPlanService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() c:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTHidMonitor.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Cypress Semiconductor Corporation) C:\Program Files\Cypress\TrackPad\CyCpIo.exe
(Cypress Semiconductor, Inc.) C:\Program Files\Cypress\TrackPad\CyHidWin.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Technology Nexus AB) C:\Program Files (x86)\Personal\bin\Personal.exe
(Code 42 Software, Inc.) C:\Program Files (x86)\CrashPlan\CrashPlanTray.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSkypeDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaIPDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeV85Driver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaOneXDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraCiscoWebExConnectDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeDriver.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes Secure Backup) C:\Program Files (x86)\Malwarebytes Secure Backup\SAgent.Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Secure Backup\mbsbscan.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CyCpIo] - C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2429440 2012-03-10] (Cypress Semiconductor Corporation)
HKLM\...\Run: [CyHidWin] - C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2371584 2012-03-10] (Cypress Semiconductor, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6414440 2011-11-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-04] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [intelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel® Corporation)
HKLM\...\Run: [bTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-28] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [482661 2011-11-03] ()
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [iSUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)
HKCU\...\Run: [Messenger (Yahoo!)] - C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKLM-x32\...\Run: [FATrayAlert] - C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [96240 2011-08-19] (Sensible Vision )
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2829241 2011-11-03] ()
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1316248 2010-12-02] (CANON INC.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577536 2013-01-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [sOSUAUI] - C:\Program Files (x86)\Malwarebytes Secure Backup\sosuploadagent.exe [55192 2013-08-15] (Malwarebytes Secure Backup)
HKLM-x32\...\Run: [sMessaging] - C:\Program Files (x86)\Malwarebytes Secure Backup\SMessaging.exe [64408 2013-08-15] (Malwarebytes Secure Backup)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\bloomie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {23C9224C-ACCE-4683-AB72-D0E8996251E9} URL =
BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Face recognition web login for FastAccess - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll No File
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Face recognition web login for FastAccess - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 -  No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default
FF SelectedSearchEngine: Google

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer - C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @se.nexus/Personal - C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF Plugin-x32: @Sibelius.com/Scorch Plugin - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\bloomie\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: No Name - C:\Users\bloomie\AppData\Roaming\Mozilla\Firefox\Profiles\gzwfi5df.default\Extensions\{6e92a0b8-6457-444b-aee1-e3fd07ed1e27}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======


CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\bloomie\AppData\Roaming\Mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Musicnotes) - C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
CHR Plugin: (ScorchPlugin) - C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Skype Click to Call) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\bloomie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [feocblgcojafilfbgoineopkngchgaei] - C:\Program Files (x86)\Sensible Vision\Fast Access\chrome_fasso\extension.crx
CHR HKLM-x32\...\Chrome\Extension: [feocblgcojafilfbgoineopkngchgaei] - C:\Program Files (x86)\Sensible Vision\Fast Access\chrome_fasso\extension.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [222720 2013-04-09] (CrashPlan)
R2 ISCTAgent; c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [121856 2011-11-10] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-03] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-05-18] (Realtek Semiconductor)
R2 sagentservice; C:\Program Files (x86)\Malwarebytes Secure Backup\SAgent.Service.exe [39832 2013-08-15] (Malwarebytes Secure Backup)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 wxpSvc; C:\Program Files (x86)\webcamXP 5\wService.exe [5404472 2012-03-26] (Moonware Studios)
S2 ExpatShieldService; C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [x]
S2 ExpatSrv; C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [x]
S3 ExpatTrayService; C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE [x]
S2 ExpatWd; C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [x]

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S3 AX88178; C:\Windows\System32\DRIVERS\ax88178.sys [56320 2009-10-02] (ASIX Electronics Corp.)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R3 cyhid; C:\Windows\System32\DRIVERS\cyhid.sys [125440 2012-02-20] (Cypress Semiconductor, Inc.)
R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [14336 2012-03-10] (Cypress Semiconductor, Inc.)
R3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [88576 2012-03-10] (Cypress Semiconductor, Inc.)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [70912 2011-10-04] (Fresco Logic)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25024 2011-11-10] ()
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2011-11-10] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-28] (Todos Data System AB)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 TDKLIB; \??\C:\Users\bloomie\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-21 15:55 - 2013-09-21 15:59 - 00000000 ____D C:\AdwCleaner
2013-09-21 15:51 - 2013-09-21 15:51 - 01039554 _____ C:\Users\bloomie\Desktop\AdwCleaner.exe
2013-09-21 14:27 - 2013-09-21 14:28 - 00035026 _____ C:\Users\bloomie\Desktop\Addition.txt
2013-09-21 14:27 - 2013-09-21 14:27 - 00000000 ____D C:\FRST
2013-09-21 14:26 - 2013-09-21 14:26 - 01956670 _____ (Farbar) C:\Users\bloomie\Desktop\FRST64.exe
2013-09-21 13:46 - 2013-09-21 13:46 - 00033784 _____ C:\Users\bloomie\Desktop\dds.txt
2013-09-21 13:46 - 2013-09-21 13:46 - 00013255 _____ C:\Users\bloomie\Desktop\attach.txt
2013-09-21 13:45 - 2013-09-21 13:45 - 00688992 ____R (Swearware) C:\Users\bloomie\Desktop\dds.scr
2013-09-21 12:13 - 2013-09-21 13:45 - 00002080 _____ C:\Users\bloomie\Desktop\Rkill.txt
2013-09-20 12:59 - 2013-09-21 11:56 - 00089621 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 27 9 13 MASTER.xlsx
2013-09-19 15:34 - 2013-09-19 15:34 - 00089458 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13 MASTER2.xlsx
2013-09-16 12:32 - 2013-09-16 12:35 - 03387418 _____ C:\Users\bloomie\Documents\Troux Technology Portfolio Management.pptx
2013-09-16 09:20 - 2013-09-16 09:20 - 00017038 _____ C:\Users\bloomie\Documents\Evaluation Metrics for EA Tool - Xspera Troux.xlsx
2013-09-14 08:48 - 2013-08-10 06:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-14 08:48 - 2013-08-10 06:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-14 08:48 - 2013-08-10 06:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-14 08:48 - 2013-08-10 06:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-14 08:48 - 2013-08-10 06:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-14 08:48 - 2013-08-10 06:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-14 08:48 - 2013-08-10 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-14 08:48 - 2013-08-10 04:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-14 08:48 - 2013-08-10 04:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-14 08:48 - 2013-08-10 04:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-14 08:48 - 2013-08-10 04:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-14 08:48 - 2013-08-10 04:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-14 08:48 - 2013-08-10 03:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-14 08:48 - 2013-08-10 03:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 16:16 - 2013-09-19 15:33 - 00089458 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13.xlsx
2013-09-13 13:38 - 2013-09-13 14:21 - 00089918 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13 MASTER.xlsx
2013-09-12 17:16 - 2013-08-08 02:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 17:16 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 17:16 - 2013-08-02 03:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 17:16 - 2013-08-02 03:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 17:16 - 2013-08-02 03:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 17:16 - 2013-08-02 03:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 17:16 - 2013-08-02 03:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 17:16 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 17:16 - 2013-08-02 03:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 17:16 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 17:16 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 17:16 - 2013-08-02 02:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 17:16 - 2013-08-02 02:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 17:16 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 17:16 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 17:16 - 2013-08-02 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 17:16 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 17:16 - 2013-08-02 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 17:16 - 2013-08-02 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 17:16 - 2013-08-02 01:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 17:16 - 2013-08-02 01:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 17:16 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 17:16 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 17:16 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 17:16 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 17:16 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 17:16 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 10:52 - 2013-09-12 10:52 - 00055191 _____ C:\Users\bloomie\Documents\Neste Oil OD 1.3.xlsx
2013-09-12 10:49 - 2013-09-12 10:49 - 00054895 _____ C:\Users\bloomie\Documents\Neste Oil 1.2.xlsx
2013-09-12 10:11 - 2013-09-12 10:11 - 00046341 _____ C:\Users\bloomie\Documents\Bombardier OD min 1314 1.1.xlsx
2013-09-12 09:16 - 2013-09-12 09:16 - 00046293 _____ C:\Users\bloomie\Documents\Bombardier OD min 1314.xlsx
2013-09-12 08:45 - 2013-09-12 09:19 - 00055192 _____ C:\Users\bloomie\Documents\Neste Oil 1.1.xlsx
2013-09-11 09:54 - 2013-09-11 10:05 - 00055185 _____ C:\Users\bloomie\Documents\Neste Oil.xlsx
2013-09-10 12:11 - 2013-09-10 12:11 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-10 12:10 - 2013-09-10 12:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-10 12:10 - 2013-09-10 12:11 - 00000000 ____D C:\Program Files\iTunes
2013-09-10 12:10 - 2013-09-10 12:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\iPod
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\Bonjour
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-10 11:29 - 2013-09-10 11:29 - 00204047 _____ C:\Users\bloomie\Documents\Customer Success Story - Fidelity International.pptx
2013-09-10 11:28 - 2013-09-10 11:28 - 00199822 _____ C:\Users\bloomie\Documents\Customer Success Story - Freshfields.pptx
2013-09-09 13:48 - 2013-09-09 13:48 - 00052342 _____ C:\Users\bloomie\Documents\BSH maint 2013.xlsx
2013-09-06 14:07 - 2013-09-13 14:17 - 00090086 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 13..9 13 MASTER.xlsx
2013-09-06 14:07 - 2013-09-06 14:07 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 13..9 13 MASTER.xlsx
2013-09-06 10:32 - 2013-09-06 10:32 - 00012648 _____ C:\Users\bloomie\Documents\EMEA Q3 6.9.xlsx
2013-09-06 10:32 - 2013-09-06 10:32 - 00000165 ____H C:\Users\bloomie\Documents\~$EMEA Q3 6.9.xlsx
2013-09-06 09:57 - 2013-09-06 10:16 - 00009957 _____ C:\Users\bloomie\Documents\EMEA Q3 6.9.htm
2013-09-06 09:57 - 2013-09-06 10:16 - 00000000 ____D C:\Users\bloomie\Documents\EMEA Q3 6.9_files
2013-09-05 14:21 - 2013-09-05 14:21 - 00092081 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 6.9.13 MASTER.xlsx
2013-09-05 14:21 - 2013-09-05 14:21 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 6.9.13 MASTER.xlsx
2013-09-03 15:19 - 2013-09-03 15:19 - 00052382 _____ C:\Users\bloomie\Documents\GfK maint 1.2.xlsx
2013-09-01 11:04 - 2013-09-01 11:04 - 00000000 ____D C:\Users\bloomie\AppData\Local\{A920CC9A-D7E2-4F94-AD2E-26FDF579E646}
2013-08-30 13:04 - 2013-08-30 13:04 - 00092081 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 5.9. 13 MASTER.xlsx
2013-08-30 13:04 - 2013-08-30 13:04 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 5.9. 13 MASTER.xlsx
2013-08-28 10:52 - 2013-08-28 10:52 - 00000165 ____H C:\Users\bloomie\Documents\~$BCS Swedbank Support OU 2012.xlsx
2013-08-28 10:52 - 2013-08-28 10:52 - 00000165 ____H C:\Users\bloomie\Documents\~$BCS Swedbank Support OU 2011.xlsx
2013-08-27 08:56 - 2013-08-27 08:59 - 00985267 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 4.xlsx
2013-08-27 08:56 - 2013-08-27 08:56 - 00000165 ____H C:\Users\bloomie\Documents\~$Appendix 6 RFQ Response EAM 1 4.xlsx
2013-08-26 19:02 - 2013-08-26 19:02 - 00985297 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 3.xlsx
2013-08-26 18:09 - 2013-08-26 18:09 - 00985259 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 2.xlsx
2013-08-26 17:50 - 2013-08-26 17:50 - 04084736 _____ C:\Users\bloomie\Documents\National Grid_TD UK_2011.ppt
2013-08-26 17:48 - 2013-08-26 17:49 - 04083200 _____ C:\Users\bloomie\Downloads\National Grid_TD UK_2011.ppt
2013-08-26 13:24 - 2013-08-26 18:08 - 00985288 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1.2.xlsx
2013-08-26 11:56 - 2013-08-26 11:56 - 00969167 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1.1.xlsx
2013-08-26 10:36 - 2013-08-26 18:08 - 00053152 _____ C:\Users\bloomie\Documents\Scania quote.xlsx
2013-08-26 10:15 - 2013-08-26 10:15 - 00054227 _____ C:\Users\bloomie\Documents\Scania - Ph II 1.1.xlsx
2013-08-26 10:05 - 2013-08-26 11:38 - 00054153 _____ C:\Users\bloomie\Documents\Scania - Ph I 1.1.xlsx
2013-08-23 16:17 - 2013-08-23 16:19 - 00014118 _____ C:\Users\bloomie\Documents\EMEA Q3.xlsx
2013-08-23 16:13 - 2013-08-23 16:15 - 00009922 _____ C:\Users\bloomie\Documents\EMEA Q3.htm
2013-08-23 16:13 - 2013-08-23 16:15 - 00000000 ____D C:\Users\bloomie\Documents\EMEA Q3_files

==================== One Month Modified Files and Folders =======

2013-09-21 16:27 - 2012-04-09 14:39 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-21 16:23 - 2013-04-12 11:51 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-21 16:15 - 2013-06-13 07:27 - 00002007 _____ C:\Users\Public\Desktop\Malwarebytes Secure Backup.lnk
2013-09-21 16:15 - 2013-06-13 07:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Secure Backup
2013-09-21 16:14 - 2013-06-13 07:27 - 00000490 _____ C:\Windows\Tasks\Online Backup Update Notifier.job
2013-09-21 16:14 - 2013-06-12 23:38 - 00000000 ____D C:\Windows\Downloaded Installations
2013-09-21 16:07 - 2009-07-14 05:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-21 16:07 - 2009-07-14 05:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-21 16:05 - 2009-07-14 06:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-21 16:03 - 2012-04-09 14:38 - 01984665 _____ C:\Windows\WindowsUpdate.log
2013-09-21 16:01 - 2012-05-14 22:31 - 00000000 ____D C:\Users\bloomie\Documents\Outlook Files
2013-09-21 16:00 - 2013-04-12 11:51 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-21 16:00 - 2012-04-09 15:07 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-09-21 16:00 - 2012-04-09 15:07 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-09-21 16:00 - 2012-04-09 14:59 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-09-21 15:59 - 2013-09-21 15:55 - 00000000 ____D C:\AdwCleaner
2013-09-21 15:59 - 2013-08-08 20:30 - 00000000 ____D C:\Program Files (x86)\Expat Shield
2013-09-21 15:59 - 2013-03-17 10:55 - 00014856 _____ C:\Windows\setupact.log
2013-09-21 15:59 - 2013-01-21 23:06 - 00070762 _____ C:\Windows\PFRO.log
2013-09-21 15:59 - 2012-08-22 23:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-21 15:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-21 15:58 - 2013-08-08 20:30 - 00000000 ____D C:\Expat Shield
2013-09-21 15:51 - 2013-09-21 15:51 - 01039554 _____ C:\Users\bloomie\Desktop\AdwCleaner.exe
2013-09-21 14:47 - 2013-05-22 11:04 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-09-21 14:28 - 2013-09-21 14:27 - 00035026 _____ C:\Users\bloomie\Desktop\Addition.txt
2013-09-21 14:27 - 2013-09-21 14:27 - 00000000 ____D C:\FRST
2013-09-21 14:26 - 2013-09-21 14:26 - 01956670 _____ (Farbar) C:\Users\bloomie\Desktop\FRST64.exe
2013-09-21 13:46 - 2013-09-21 13:46 - 00033784 _____ C:\Users\bloomie\Desktop\dds.txt
2013-09-21 13:46 - 2013-09-21 13:46 - 00013255 _____ C:\Users\bloomie\Desktop\attach.txt
2013-09-21 13:45 - 2013-09-21 13:45 - 00688992 ____R (Swearware) C:\Users\bloomie\Desktop\dds.scr
2013-09-21 13:45 - 2013-09-21 12:13 - 00002080 _____ C:\Users\bloomie\Desktop\Rkill.txt
2013-09-21 11:56 - 2013-09-20 12:59 - 00089621 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 27 9 13 MASTER.xlsx
2013-09-20 14:25 - 2012-05-18 07:49 - 00000000 ____D C:\Users\bloomie\AppData\Roaming\Webex
2013-09-20 10:27 - 2012-04-09 14:39 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 10:27 - 2012-04-09 14:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 10:27 - 2012-04-09 14:39 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-19 15:34 - 2013-09-19 15:34 - 00089458 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13 MASTER2.xlsx
2013-09-19 15:33 - 2013-09-13 16:16 - 00089458 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13.xlsx
2013-09-19 06:32 - 2013-04-12 11:52 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-18 15:57 - 2012-07-03 14:09 - 00000000 ____D C:\Users\bloomie\AppData\Local\CrashDumps
2013-09-17 15:04 - 2013-05-22 11:04 - 00000000 ____D C:\Program Files\My Dell
2013-09-17 15:04 - 2012-05-11 20:00 - 00000000 ____D C:\ProgramData\PCDr
2013-09-17 09:46 - 2012-05-31 08:12 - 00000000 ____D C:\Users\bloomie\AppData\Local\Deployment
2013-09-16 14:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 12:35 - 2013-09-16 12:32 - 03387418 _____ C:\Users\bloomie\Documents\Troux Technology Portfolio Management.pptx
2013-09-16 09:20 - 2013-09-16 09:20 - 00017038 _____ C:\Users\bloomie\Documents\Evaluation Metrics for EA Tool - Xspera Troux.xlsx
2013-09-14 22:53 - 2012-05-11 16:29 - 00000000 ___RD C:\Users\bloomie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-14 22:53 - 2012-05-11 16:29 - 00000000 ___RD C:\Users\bloomie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-14 18:24 - 2009-07-14 05:45 - 00380720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-14 08:48 - 2013-07-12 09:44 - 00000000 ____D C:\Windows\system32\MRT
2013-09-14 08:47 - 2012-06-21 18:46 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-14 08:46 - 2012-05-11 16:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 14:21 - 2013-09-13 13:38 - 00089918 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 20 9 13 MASTER.xlsx
2013-09-13 14:17 - 2013-09-06 14:07 - 00090086 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 13..9 13 MASTER.xlsx
2013-09-12 10:52 - 2013-09-12 10:52 - 00055191 _____ C:\Users\bloomie\Documents\Neste Oil OD 1.3.xlsx
2013-09-12 10:49 - 2013-09-12 10:49 - 00054895 _____ C:\Users\bloomie\Documents\Neste Oil 1.2.xlsx
2013-09-12 10:11 - 2013-09-12 10:11 - 00046341 _____ C:\Users\bloomie\Documents\Bombardier OD min 1314 1.1.xlsx
2013-09-12 09:19 - 2013-09-12 08:45 - 00055192 _____ C:\Users\bloomie\Documents\Neste Oil 1.1.xlsx
2013-09-12 09:16 - 2013-09-12 09:16 - 00046293 _____ C:\Users\bloomie\Documents\Bombardier OD min 1314.xlsx
2013-09-11 10:05 - 2013-09-11 09:54 - 00055185 _____ C:\Users\bloomie\Documents\Neste Oil.xlsx
2013-09-10 12:12 - 2013-05-28 22:10 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-10 12:11 - 2013-09-10 12:11 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-10 12:11 - 2013-09-10 12:10 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-10 12:11 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\iTunes
2013-09-10 12:11 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\iPod
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files\Bonjour
2013-09-10 12:10 - 2013-09-10 12:10 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-10 11:29 - 2013-09-10 11:29 - 00204047 _____ C:\Users\bloomie\Documents\Customer Success Story - Fidelity International.pptx
2013-09-10 11:28 - 2013-09-10 11:28 - 00199822 _____ C:\Users\bloomie\Documents\Customer Success Story - Freshfields.pptx
2013-09-09 13:48 - 2013-09-09 13:48 - 00052342 _____ C:\Users\bloomie\Documents\BSH maint 2013.xlsx
2013-09-07 10:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-06 14:07 - 2013-09-06 14:07 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 13..9 13 MASTER.xlsx
2013-09-06 10:32 - 2013-09-06 10:32 - 00012648 _____ C:\Users\bloomie\Documents\EMEA Q3 6.9.xlsx
2013-09-06 10:32 - 2013-09-06 10:32 - 00000165 ____H C:\Users\bloomie\Documents\~$EMEA Q3 6.9.xlsx
2013-09-06 10:16 - 2013-09-06 09:57 - 00009957 _____ C:\Users\bloomie\Documents\EMEA Q3 6.9.htm
2013-09-06 10:16 - 2013-09-06 09:57 - 00000000 ____D C:\Users\bloomie\Documents\EMEA Q3 6.9_files
2013-09-05 14:21 - 2013-09-05 14:21 - 00092081 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 6.9.13 MASTER.xlsx
2013-09-05 14:21 - 2013-09-05 14:21 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 6.9.13 MASTER.xlsx
2013-09-04 10:50 - 2013-08-07 09:29 - 00052403 _____ C:\Users\bloomie\Documents\GfK maint 1.1.xlsx
2013-09-03 15:19 - 2013-09-03 15:19 - 00052382 _____ C:\Users\bloomie\Documents\GfK maint 1.2.xlsx
2013-09-01 11:04 - 2013-09-01 11:04 - 00000000 ____D C:\Users\bloomie\AppData\Local\{A920CC9A-D7E2-4F94-AD2E-26FDF579E646}
2013-09-01 11:04 - 2012-08-16 13:56 - 00000000 ____D C:\Users\bloomie\AppData\Local\Windows Live
2013-08-30 13:04 - 2013-08-30 13:04 - 00092081 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR - 5.9. 13 MASTER.xlsx
2013-08-30 13:04 - 2013-08-30 13:04 - 00000165 ____H C:\Users\bloomie\Documents\~$Territory Plan - CNEUR - 5.9. 13 MASTER.xlsx
2013-08-28 10:52 - 2013-08-28 10:52 - 00000165 ____H C:\Users\bloomie\Documents\~$BCS Swedbank Support OU 2012.xlsx
2013-08-28 10:52 - 2013-08-28 10:52 - 00000165 ____H C:\Users\bloomie\Documents\~$BCS Swedbank Support OU 2011.xlsx
2013-08-27 08:59 - 2013-08-27 08:56 - 00985267 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 4.xlsx
2013-08-27 08:56 - 2013-08-27 08:56 - 00000165 ____H C:\Users\bloomie\Documents\~$Appendix 6 RFQ Response EAM 1 4.xlsx
2013-08-26 19:02 - 2013-08-26 19:02 - 00985297 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 3.xlsx
2013-08-26 18:09 - 2013-08-26 18:09 - 00985259 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1 2.xlsx
2013-08-26 18:08 - 2013-08-26 13:24 - 00985288 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1.2.xlsx
2013-08-26 18:08 - 2013-08-26 10:36 - 00053152 _____ C:\Users\bloomie\Documents\Scania quote.xlsx
2013-08-26 17:50 - 2013-08-26 17:50 - 04084736 _____ C:\Users\bloomie\Documents\National Grid_TD UK_2011.ppt
2013-08-26 17:49 - 2013-08-26 17:48 - 04083200 _____ C:\Users\bloomie\Downloads\National Grid_TD UK_2011.ppt
2013-08-26 11:56 - 2013-08-26 11:56 - 00969167 _____ C:\Users\bloomie\Documents\Appendix 6 RFQ Response EAM 1.1.xlsx
2013-08-26 11:38 - 2013-08-26 10:05 - 00054153 _____ C:\Users\bloomie\Documents\Scania - Ph I 1.1.xlsx
2013-08-26 10:15 - 2013-08-26 10:15 - 00054227 _____ C:\Users\bloomie\Documents\Scania - Ph II 1.1.xlsx
2013-08-25 11:02 - 2013-08-16 13:17 - 00092601 _____ C:\Users\bloomie\Documents\Territory Plan - CNEUR -23.8.13 MASTER.xlsx
2013-08-23 16:19 - 2013-08-23 16:17 - 00014118 _____ C:\Users\bloomie\Documents\EMEA Q3.xlsx
2013-08-23 16:15 - 2013-08-23 16:13 - 00009922 _____ C:\Users\bloomie\Documents\EMEA Q3.htm
2013-08-23 16:15 - 2013-08-23 16:13 - 00000000 ____D C:\Users\bloomie\Documents\EMEA Q3_files

Files to move or delete:
====================
C:\ProgramData\1594393.bat
C:\ProgramData\1594393.js
C:\ProgramData\1594393.pad
C:\ProgramData\1594393.reg

Some content of TEMP:
====================
C:\Users\bloomie\AppData\Local\Temp\conduitinstaller.exe
C:\Users\bloomie\AppData\Local\Temp\contentDATs.exe
C:\Users\bloomie\AppData\Local\Temp\ffunzip.exe
C:\Users\bloomie\AppData\Local\Temp\LDCFAD.tmp.exe
C:\Users\bloomie\AppData\Local\Temp\mssinstaller.exe
C:\Users\bloomie\AppData\Local\Temp\Quarantine.exe
C:\Users\bloomie\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\bloomie\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-21 12:54

==================== End Of Log ============================


You've run another scan, look at the instructions again in reply #5 for FRST and running the fix...


Thanks for following up Kevin.  Couldn't find the other log file you were looking for, but browser seems to be behaving itself for now.  So you can close the ticket - thanks for your help.


OK if you're sure, do the following unless you've already done so...

Delete FRST.exe from the desktop, delete its folder from C:\FRST

Next,

Uninstall adwcleaner.exe (unless you want it)

  •   Please close all open programs and internet browsers.
  •   Double click on adwcleaner.exe to run the tool.
  •   Click on Uninstall
  •   Click Yes at Would you like to Uninstall Adwcleaner

Thanks for the feedback, will close out your thread later,

Kevin


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
