AdChoices with Windows 7 64 bit and IE 10


  • This topic is locked
8 replies to this topic

#1 brranndon

brranndon

  • Members
  • 6 posts
  • Local time:10:51 AM

Posted 21 July 2014 - 10:07 AM

Hello,

I have the AdChoices malware.

I ran Junkware Removal Tool (JRT) by Thisisu, Version: 6.1.4 (04.06.2014:1), but I still have it.

This is on a system with a fairly recent build of Windows 7 64 bit.

Thanks,

Brandon





#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • Gender:Male
  • Local time:04:51 PM

Posted 21 July 2014 - 11:26 AM

Hi Brandon,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 brranndon

brranndon
  • Topic Starter

  • Members
  • 6 posts
  • Local time:10:51 AM

Posted 22 July 2014 - 02:04 PM

Thank you. Please see below:

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Brandon (administrator) on TRANSFORMING-PC on 22-07-2014 14:58:43
Running from C:\Users\Brandon\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Akamai Technologies, Inc.) C:\Users\Brandon\AppData\Local\Akamai\netsession_win.exe
(The Pidgin developer community) C:\Program Files (x86)\Pidgin\pidgin.exe
(Akamai Technologies, Inc.) C:\Users\Brandon\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET) C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Adobe Systems, Inc.) C:\Users\Brandon\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\connectaddin\connectaddin.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [373248 2014-06-03] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2869008 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5256336 2012-07-11] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [328064 2012-09-14] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205184 2012-10-17] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Bing Bar] => C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe [243544 2010-04-27] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3665899222-3519402836-621587197-1001\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3665899222-3519402836-621587197-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Brandon\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3665899222-3519402836-621587197-1002\...\Run: [Pidgin] => C:\Program Files (x86)\Pidgin\pidgin.exe [60216 2014-02-02] (The Pidgin developer community)
HKU\S-1-5-21-3665899222-3519402836-621587197-1002\...\Run: [GoogleContactSync] => C:\Program Files (x86)\WebGear\GO Contact Sync\GOContactSync.exe [924160 2014-02-07] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET)
HKU\S-1-5-21-3665899222-3519402836-621587197-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563096 2013-12-19] (SUPERAntiSpyware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk
ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (TechSmith Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crosswalk.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE07A50B2D87ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {EBF1BFCB-F60B-4DCB-9C96-E53C543CB645} http://192.168.1.240:8080/qcbin/ALM-Platform-Loader.11.cab

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.10 68.105.28.16 68.105.29.16

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Brandon\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-06-02]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-07-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-08]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2014-06-08]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-06-08]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-06]
CHR Extension: (Google Drive) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-06]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-06]
CHR Extension: (Google Search) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-06]
CHR Extension: (Norton Identity Protection) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-06-06]
CHR Extension: (Google Wallet) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-06]
CHR Extension: (Gmail) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-06]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-15]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-06-09] (Macrovision Europe Ltd.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [728328 2014-03-31] (DEVGURU Co., LTD.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-07-06] (VIA Technologies, Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140721.001\IDSvia64.sys [525016 2014-06-02] (Symantec Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-21] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140722.002\ENG64.SYS [126040 2014-07-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140722.002\EX64.SYS [2099288 2014-07-18] (Symantec Corporation)
R3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73984 2013-06-05] (Identive)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-01-26] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-02] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-22 14:58 - 2014-07-22 14:59 - 00025794 _____ () C:\Users\Brandon\Desktop\FRST.txt
2014-07-22 14:58 - 2014-07-22 14:58 - 02090496 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2014-07-22 14:58 - 2014-07-22 14:58 - 00000000 ____D () C:\FRST
2014-07-22 09:04 - 2014-07-22 09:07 - 00000000 ____D () C:\Users\Brandon\Desktop\ABACUS_Incr 2_3_Working Group
2014-07-22 09:04 - 2014-07-22 09:04 - 01759876 _____ () C:\Users\Brandon\Desktop\ABACUS_Incr 2_3_RTM_Working Requirements 07082014_07112014_govt input.xlsx
2014-07-22 07:35 - 2014-07-22 07:41 - 00000000 ____D () C:\Users\Brandon\Documents\NVOWS
2014-07-22 07:32 - 2014-07-22 07:32 - 00000000 ____D () C:\Users\Brandon\Desktop\misc
2014-07-21 20:02 - 2014-07-22 14:15 - 00000574 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3665899222-3519402836-621587197-1002.job
2014-07-21 20:02 - 2014-07-21 20:02 - 00003618 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3665899222-3519402836-621587197-1002
2014-07-21 20:02 - 2014-07-21 20:02 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Citrix
2014-07-21 14:08 - 2014-07-21 14:08 - 00000000 ____D () C:\Users\Brandon\Desktop\Faheem
2014-07-21 13:45 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-21 13:44 - 2014-07-21 13:47 - 00000000 ____D () C:\AdwCleaner
2014-07-21 13:42 - 2014-07-21 13:42 - 01810944 _____ () C:\Users\Brandon\Desktop\FW  ABACUS - Configuration Requirements July 21 - 25.msg
2014-07-21 11:32 - 2014-07-21 11:32 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\SUPERAntiSpyware.com
2014-07-21 11:32 - 2014-07-21 11:32 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-21 11:32 - 2014-07-21 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-21 11:32 - 2014-07-21 11:32 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-21 11:21 - 2014-07-21 11:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 11:18 - 2014-07-21 11:21 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Malwarebytes
2014-07-21 11:17 - 2014-07-21 11:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-21 10:26 - 2014-07-21 10:26 - 00000000 ____D () C:\Windows\ERUNT
2014-07-18 11:26 - 2014-07-18 11:27 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\GoContactSyncMOD
2014-07-18 11:26 - 2014-07-18 11:26 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GO Contact Sync Mod
2014-07-18 11:26 - 2014-07-18 11:26 - 00000000 ____D () C:\Program Files (x86)\WebGear
2014-07-17 18:13 - 2014-07-17 18:14 - 00000170 _____ () C:\Users\Brandon\Desktop\stext.txt
2014-07-16 14:29 - 2014-07-16 14:29 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-16 08:26 - 2014-07-18 10:20 - 00000000 ____D () C:\Users\Brandon\Desktop\temp
2014-07-15 13:21 - 2014-07-18 10:38 - 00008484 _____ () C:\Users\Brandon\Documents\hours week of 7_15_2014.xlsx
2014-07-15 12:06 - 2014-07-15 12:06 - 00000000 ____D () C:\Users\Brandon\Documents\Investments
2014-07-14 18:37 - 2014-07-21 11:23 - 00000000 ____D () C:\Users\Brandon\Desktop\fishing photos 2014 07 14
2014-07-09 13:31 - 2014-07-09 14:03 - 00000000 ____D () C:\Users\Brandon\Desktop\MOOC
2014-07-09 13:27 - 2014-07-09 13:27 - 00000000 ____D () C:\Users\Brandon\Documents\SHMS school
2014-07-09 12:54 - 2014-06-18 22:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 12:54 - 2014-06-18 22:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 12:54 - 2014-06-18 22:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 12:54 - 2014-06-18 22:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 12:54 - 2014-06-18 22:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 12:54 - 2014-06-18 22:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 12:54 - 2014-06-18 22:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 12:54 - 2014-06-18 22:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 12:54 - 2014-06-18 20:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 12:54 - 2014-06-18 20:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 12:54 - 2014-06-18 20:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 12:54 - 2014-06-18 20:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 12:54 - 2014-06-18 20:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 12:54 - 2014-06-18 20:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 12:54 - 2014-06-18 20:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 12:54 - 2014-06-18 20:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 12:54 - 2014-06-18 20:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 12:54 - 2014-06-18 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 12:54 - 2014-06-18 19:37 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-07-09 12:54 - 2014-06-18 19:34 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-07-09 12:54 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 12:54 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 12:54 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 12:54 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 12:54 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 12:54 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 12:54 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 12:54 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 12:54 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 12:54 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 12:54 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 12:54 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 12:54 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 12:54 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 12:53 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 12:53 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 12:53 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 12:53 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 12:53 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 12:53 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 12:53 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 12:53 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 12:53 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 10:43 - 2014-07-09 13:49 - 00000000 ____D () C:\Users\Brandon\Desktop\ABACUS
2014-07-08 14:39 - 2014-07-08 14:39 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 11:48 - 2014-07-08 11:48 - 00000000 ____D () C:\Users\Brandon\AppData\OICE_15_974FA576_32C1D314_52C
2014-07-07 10:34 - 2014-07-07 10:34 - 00033792 _____ () C:\Users\Brandon\Desktop\RE  Schedule For ABACUS Reqs Meeting & User Demonstration.msg
2014-07-03 10:50 - 2014-07-16 15:52 - 00000000 ____D () C:\Users\Brandon\Documents\Carrier HVAC system
2014-06-27 09:14 - 2014-06-27 09:14 - 00000000 ____D () C:\Users\Brandon\Documents\Symantec
2014-06-26 10:14 - 2013-08-13 16:59 - 00060928 _____ () C:\Users\Brandon\Desktop\TMCI and Valytics Employees and Consultant List as of 06072013.xls
2014-06-23 15:18 - 2014-06-23 15:19 - 00000000 ____D () C:\Users\Brandon\AppData\OICE_15_974FA576_32C1D314_19F7

==================== One Month Modified Files and Folders =======

2014-07-22 14:59 - 2014-07-22 14:58 - 00025794 _____ () C:\Users\Brandon\Desktop\FRST.txt
2014-07-22 14:58 - 2014-07-22 14:58 - 02090496 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2014-07-22 14:58 - 2014-07-22 14:58 - 00000000 ____D () C:\FRST
2014-07-22 14:48 - 2014-06-02 22:51 - 00000000 ____D () C:\Users\Brandon\Documents\Outlook Files
2014-07-22 14:47 - 2014-06-03 13:05 - 00000380 _____ () C:\Users\Brandon\AppData\Roaming\sp_data.sys
2014-07-22 14:39 - 2014-06-03 06:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 14:24 - 2014-06-04 10:31 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\.purple
2014-07-22 14:15 - 2014-07-21 20:02 - 00000574 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3665899222-3519402836-621587197-1002.job
2014-07-22 14:14 - 2014-06-06 18:02 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 13:56 - 2014-06-02 19:31 - 01595942 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 12:55 - 2014-06-19 11:21 - 00005004 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Transforming-PC-Brandon Transforming-PC
2014-07-22 09:07 - 2014-07-22 09:04 - 00000000 ____D () C:\Users\Brandon\Desktop\ABACUS_Incr 2_3_Working Group
2014-07-22 09:04 - 2014-07-22 09:04 - 01759876 _____ () C:\Users\Brandon\Desktop\ABACUS_Incr 2_3_RTM_Working Requirements 07082014_07112014_govt input.xlsx
2014-07-22 08:27 - 2014-06-05 16:19 - 00000000 ____D () C:\Users\Brandon\Documents\job search
2014-07-22 07:41 - 2014-07-22 07:35 - 00000000 ____D () C:\Users\Brandon\Documents\NVOWS
2014-07-22 07:32 - 2014-07-22 07:32 - 00000000 ____D () C:\Users\Brandon\Desktop\misc
2014-07-22 04:14 - 2014-06-06 18:02 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 20:32 - 2009-07-14 00:45 - 00020336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-21 20:32 - 2009-07-14 00:45 - 00020336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-21 20:29 - 2009-07-14 01:13 - 00786558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 20:25 - 2014-06-02 20:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-21 20:25 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 20:25 - 2009-07-14 00:51 - 00031632 _____ () C:\Windows\setupact.log
2014-07-21 20:02 - 2014-07-21 20:02 - 00003618 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3665899222-3519402836-621587197-1002
2014-07-21 20:02 - 2014-07-21 20:02 - 00000000 ____D () C:\Users\Brandon\AppData\Local\Citrix
2014-07-21 14:08 - 2014-07-21 14:08 - 00000000 ____D () C:\Users\Brandon\Desktop\Faheem
2014-07-21 13:47 - 2014-07-21 13:44 - 00000000 ____D () C:\AdwCleaner
2014-07-21 13:47 - 2014-06-03 00:04 - 00073750 _____ () C:\Windows\PFRO.log
2014-07-21 13:42 - 2014-07-21 13:42 - 01810944 _____ () C:\Users\Brandon\Desktop\FW  ABACUS - Configuration Requirements July 21 - 25.msg
2014-07-21 11:32 - 2014-07-21 11:32 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\SUPERAntiSpyware.com
2014-07-21 11:32 - 2014-07-21 11:32 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-21 11:32 - 2014-07-21 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-21 11:32 - 2014-07-21 11:32 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-21 11:23 - 2014-07-14 18:37 - 00000000 ____D () C:\Users\Brandon\Desktop\fishing photos 2014 07 14
2014-07-21 11:22 - 2014-07-21 11:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 11:21 - 2014-07-21 11:18 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Malwarebytes
2014-07-21 11:21 - 2014-07-21 11:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-21 11:21 - 2014-06-17 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-21 11:21 - 2014-06-17 14:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-21 11:17 - 2014-06-17 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-21 10:26 - 2014-07-21 10:26 - 00000000 ____D () C:\Windows\ERUNT
2014-07-18 11:27 - 2014-07-18 11:26 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\GoContactSyncMOD
2014-07-18 11:26 - 2014-07-18 11:26 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GO Contact Sync Mod
2014-07-18 11:26 - 2014-07-18 11:26 - 00000000 ____D () C:\Program Files (x86)\WebGear
2014-07-18 10:38 - 2014-07-15 13:21 - 00008484 _____ () C:\Users\Brandon\Documents\hours week of 7_15_2014.xlsx
2014-07-18 10:20 - 2014-07-16 08:26 - 00000000 ____D () C:\Users\Brandon\Desktop\temp
2014-07-17 18:14 - 2014-07-17 18:13 - 00000170 _____ () C:\Users\Brandon\Desktop\stext.txt
2014-07-17 13:51 - 2014-06-05 11:40 - 00000000 ____D () C:\Users\Brandon\Documents\Personal
2014-07-17 13:37 - 2014-06-18 14:46 - 00000000 ____D () C:\Users\Brandon\Desktop\DAI
2014-07-16 15:52 - 2014-07-03 10:50 - 00000000 ____D () C:\Users\Brandon\Documents\Carrier HVAC system
2014-07-16 14:29 - 2014-07-16 14:29 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-16 14:29 - 2014-06-02 20:53 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-07-16 14:29 - 2014-06-02 20:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-16 14:29 - 2014-06-02 20:53 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-07-16 12:23 - 2014-06-02 15:41 - 00000000 ____D () C:\Users\Brandon\Desktop\CCQAS
2014-07-15 12:06 - 2014-07-15 12:06 - 00000000 ____D () C:\Users\Brandon\Documents\Investments
2014-07-15 11:05 - 2014-06-05 11:41 - 00000000 ____D () C:\Users\Brandon\Documents\Transforming Technology Inc
2014-07-13 20:01 - 2014-06-13 13:20 - 00030720 _____ () C:\Users\Brandon\Desktop\family birthdays.xls
2014-07-09 20:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-07-09 14:03 - 2014-07-09 13:31 - 00000000 ____D () C:\Users\Brandon\Desktop\MOOC
2014-07-09 13:53 - 2014-06-18 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-09 13:53 - 2014-06-02 21:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 13:52 - 2009-07-14 03:45 - 00000000 ____D () C:\Windows\ShellNew
2014-07-09 13:49 - 2014-07-09 10:43 - 00000000 ____D () C:\Users\Brandon\Desktop\ABACUS
2014-07-09 13:27 - 2014-07-09 13:27 - 00000000 ____D () C:\Users\Brandon\Documents\SHMS school
2014-07-09 13:08 - 2009-07-14 00:45 - 00445928 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 13:06 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 13:06 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 13:06 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 12:58 - 2014-06-04 16:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 12:57 - 2014-06-04 16:10 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-08 14:39 - 2014-07-08 14:39 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 14:39 - 2014-06-03 06:41 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 14:39 - 2014-06-03 06:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 14:39 - 2014-06-03 06:41 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 11:48 - 2014-07-08 11:48 - 00000000 ____D () C:\Users\Brandon\AppData\OICE_15_974FA576_32C1D314_52C
2014-07-07 15:16 - 2014-06-12 12:25 - 00000000 ____D () C:\Users\Brandon\Downloads\usbview
2014-07-07 13:36 - 2014-06-06 09:41 - 00000000 ____D () C:\Users\Brandon\Desktop\Opportunities
2014-07-07 10:34 - 2014-07-07 10:34 - 00033792 _____ () C:\Users\Brandon\Desktop\RE  Schedule For ABACUS Reqs Meeting & User Demonstration.msg
2014-06-30 16:09 - 2014-06-18 15:04 - 00000000 ____D () C:\Users\Brandon\Downloads\subaru radio
2014-06-30 08:05 - 2014-06-03 17:10 - 00000000 ____D () C:\Users\Brandon\AppData\Local\CrashDumps
2014-06-28 18:36 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\addins
2014-06-27 09:14 - 2014-06-27 09:14 - 00000000 ____D () C:\Users\Brandon\Documents\Symantec
2014-06-23 15:19 - 2014-06-23 15:18 - 00000000 ____D () C:\Users\Brandon\AppData\OICE_15_974FA576_32C1D314_19F7
2014-06-23 13:02 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries

Some content of TEMP:
====================
C:\Users\Brandon\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-18 00:01

==================== End Of Log ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2014
Ran by Brandon at 2014-07-22 14:59:11
Running from C:\Users\Brandon\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8500A909_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909g (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
Adobe Acrobat 9 Pro (HKLM-x32\...\{AC76BA86-1033-0000-7760-000000000004}{AC76BA86-1033-0000-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro (x32 Version: 9.0.0 - Adobe Systems) Hidden
Adobe Connect Add-in (HKCU\...\Adobe Connect Add-in) (Version:  - )
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.142.60386 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.142.60386 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.2 - ASUS)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0026 - ASUS)
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1449.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 5.0.1449.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPD_DSWizards (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 140.0.65.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
GO Contact Sync Mod (HKLM-x32\...\{CD178FDD-086A-4C2E-935E-8CDB747B0F29}) (Version: 3.6.1 - WebGear, Create Software, Stru.be, saller.NET)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.3.0.1440 (HKCU\...\GoToMeeting) (Version: 6.3.0.1440 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HP ALM Microsoft Excel Addin (HKLM-x32\...\{AC3D865A-0D8C-43C0-8BA7-7EC2D34BFBFE}) (Version: 11.0.1.15 - Hewlett-Packard)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet Pro 8500 A909 Series (HKLM\...\{F86D9734-D358-4C5B-BC2B-6D90557FF05B}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.3 - ASUS)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Project MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Project Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (x32 Version: 2.0.271.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
MPM (HKLM-x32\...\{8AEA6737-8AF3-47BB-95CE-AAB62BE68985}) (Version: 1.00.0000 - Hewlett-Packard)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.42.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Snagit 11 (HKLM-x32\...\{90D0FC4B-D653-4F49-BB97-A48C74A52E71}) (Version: 11.4.3 - TechSmith Corporation)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1016 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated)
TC2000 Version 7 (HKLM-x32\...\{8F899627-1EA1-484D-91EA-7B22C05358DB}) (Version: 7.00.0000 - Worden Brothers Inc)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.35 - ASUS)

==================== Restore Points  =========================

28-06-2014 16:38:05 Scheduled Checkpoint
06-07-2014 13:29:08 Scheduled Checkpoint
09-07-2014 16:54:34 Windows Update
09-07-2014 17:51:03 Installed Microsoft Project Professional 2013
09-07-2014 17:51:19 PRJPROR
18-07-2014 00:07:48 Scheduled Checkpoint
18-07-2014 15:26:27 Installed GO Contact Sync Mod

==================== Scheduled Tasks (whitelisted) =============

Task: {0DE1C920-D121-4E07-9527-799548B23891} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-06] (Google Inc.)
Task: {1060D153-8463-4F4C-91E3-5C5ECA477358} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-06-14] (ASUSTek Computer Inc.)
Task: {153500A0-A795-4B24-BD77-4ECD9E230FDF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {223A7825-4723-4F71-A03A-831AD485AC16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-06] (Google Inc.)
Task: {24899B47-6DE5-4D05-964C-41BD30F660EB} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-09-14] (ASUSTek Computer Inc.)
Task: {333C32C4-3F71-4168-8893-586C41147C05} - System32\Tasks\ASUS Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-09-13] (ASUSTeK Computer Inc.)
Task: {52FEA8F0-638D-4B61-A461-C31F6142DECA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {66B76F4E-43D7-4252-B923-B59EEB5C2080} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {69794006-47CD-4453-9E8B-AF8616F6D44D} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {91E1FD5A-CB81-4E31-B686-FC09B6246268} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe [2014-06-26] (Symantec Corporation)
Task: {A42997E5-9B03-4A4E-B8FD-077E9024003A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Transforming-PC-Brandon Transforming-PC => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {AF59E104-686B-4346-8211-912ADCBF9C8C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BEB01718-9BC3-4052-ACE8-21E1CFF6283D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {BF6E3FE0-BC7B-4597-B5D3-575BB01E9598} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {E73302B8-DED0-4686-9CD0-C0C6C51C90DA} - System32\Tasks\G2MUpdateTask-S-1-5-21-3665899222-3519402836-621587197-1002 => C:\Users\Brandon\AppData\Local\Citrix\GoToMeeting\1440\g2mupdate.exe [2014-07-21] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EE0B7FC1-86D2-4359-AF5F-0AE0E87B42BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {F9D163FE-ECA8-48A8-87CC-350FF0DD84C8} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3665899222-3519402836-621587197-1002.job => C:\Users\Brandon\AppData\Local\Citrix\GoToMeeting\1440\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-02 20:45 - 2013-10-23 04:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-10-01 20:34 - 2012-10-01 20:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-06-03 12:51 - 2012-07-11 15:51 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-06-03 12:51 - 2012-07-11 15:51 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2012-01-31 09:25 - 2012-01-31 09:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2012-06-07 14:12 - 2012-06-07 14:12 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00036878 _____ () C:\Program Files (x86)\Pidgin\libssp-0.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00671031 _____ () C:\Program Files (x86)\Pidgin\exchndl.dll
2014-06-04 10:30 - 2014-06-04 10:30 - 00904525 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
2014-06-04 10:30 - 2014-06-04 10:30 - 00279059 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
2014-06-04 10:30 - 2014-06-04 10:30 - 00177586 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
2014-06-04 10:30 - 2014-06-04 10:30 - 00553382 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
2014-06-04 10:30 - 2014-06-04 10:30 - 00216992 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
2014-06-04 10:30 - 2014-06-04 10:30 - 00100352 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 01274655 _____ () C:\Program Files (x86)\Pidgin\libxml2-2.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00475580 _____ () C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00020997 _____ () C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00013253 _____ () C:\Program Files (x86)\Pidgin\plugins\buddynote.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00024924 _____ () C:\Program Files (x86)\Pidgin\plugins\convcolors.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00015702 _____ () C:\Program Files (x86)\Pidgin\plugins\extplacement.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00014147 _____ () C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00018882 _____ () C:\Program Files (x86)\Pidgin\plugins\history.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00012865 _____ () C:\Program Files (x86)\Pidgin\plugins\iconaway.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00019043 _____ () C:\Program Files (x86)\Pidgin\plugins\idle.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00018555 _____ () C:\Program Files (x86)\Pidgin\plugins\joinpart.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00015074 _____ () C:\Program Files (x86)\Pidgin\plugins\libaim.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00310443 _____ () C:\Program Files (x86)\Pidgin\liboscar.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00092285 _____ () C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00201726 _____ () C:\Program Files (x86)\Pidgin\plugins\libgg.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00016005 _____ () C:\Program Files (x86)\Pidgin\plugins\libicq.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00106712 _____ () C:\Program Files (x86)\Pidgin\plugins\libirc.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 00190464 _____ () C:\Program Files (x86)\Pidgin\libsasl.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00373657 _____ () C:\Program Files (x86)\Pidgin\plugins\libmsn.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00150086 _____ () C:\Program Files (x86)\Pidgin\plugins\libmxit.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00106670 _____ () C:\Program Files (x86)\Pidgin\plugins\libmyspace.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00123540 _____ () C:\Program Files (x86)\Pidgin\plugins\libnovell.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00116583 _____ () C:\Program Files (x86)\Pidgin\plugins\libsametime.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 00152852 _____ () C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00171090 _____ () C:\Program Files (x86)\Pidgin\plugins\libsilc.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 02097721 _____ () C:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 00818985 _____ () C:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00055804 _____ () C:\Program Files (x86)\Pidgin\plugins\libsimple.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00021337 _____ () C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00416065 _____ () C:\Program Files (x86)\Pidgin\libjabber.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00022832 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoo.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00237138 _____ () C:\Program Files (x86)\Pidgin\libymsg.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00019793 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00047391 _____ () C:\Program Files (x86)\Pidgin\plugins\log_reader.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00021795 _____ () C:\Program Files (x86)\Pidgin\plugins\markerline.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00013456 _____ () C:\Program Files (x86)\Pidgin\plugins\newline.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00029225 _____ () C:\Program Files (x86)\Pidgin\plugins\notify.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00017023 _____ () C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00029256 _____ () C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00015380 _____ () C:\Program Files (x86)\Pidgin\plugins\psychic.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00015429 _____ () C:\Program Files (x86)\Pidgin\plugins\relnot.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00015045 _____ () C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00069575 _____ () C:\Program Files (x86)\Pidgin\plugins\spellchk.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00028276 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00012004 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00015978 _____ () C:\Program Files (x86)\Pidgin\plugins\statenotify.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00030353 _____ () C:\Program Files (x86)\Pidgin\plugins\themeedit.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00032020 _____ () C:\Program Files (x86)\Pidgin\plugins\ticker.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00018399 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00023851 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00029791 _____ () C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00030771 _____ () C:\Program Files (x86)\Pidgin\plugins\winprefs.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00037191 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
2014-02-02 20:19 - 2014-02-02 20:19 - 00044494 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 00102400 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 00115712 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 00140288 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll
2014-02-02 20:18 - 2014-02-02 20:18 - 00486400 _____ () C:\Program Files (x86)\Pidgin\sqlite3.dll
2014-06-04 10:30 - 2014-06-04 10:30 - 00090496 _____ () C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2014-04-18 15:08 - 2014-04-18 15:08 - 01298432 ____R () C:\Program Files (x86)\TechSmith\Snagit 11\PDFLib.dll
2014-04-18 15:14 - 2014-04-18 15:14 - 00134144 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2014-04-18 15:13 - 2014-04-18 15:13 - 00113152 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2012-10-01 20:33 - 2012-10-01 20:33 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-10-01 20:32 - 2012-10-01 20:32 - 01014400 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Officejet Pro 8500 A909g
Description: Officejet Pro 8500 A909g
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 4350
Description: hp LaserJet 4350
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet Pro 8500 A909g
Description: Officejet Pro 8500 A909g
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/22/2014 08:59:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1457830

Error: (07/22/2014 08:59:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1457830

Error: (07/22/2014 08:59:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/22/2014 01:02:13 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (07/21/2014 07:19:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9335755

Error: (07/21/2014 07:19:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9335755

Error: (07/21/2014 07:19:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/21/2014 04:43:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1077

Error: (07/21/2014 04:43:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1077

Error: (07/21/2014 04:43:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (07/22/2014 02:59:24 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/22/2014 02:29:24 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/22/2014 01:59:24 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/22/2014 01:29:22 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/22/2014 00:59:21 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/22/2014 00:48:01 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (07/22/2014 00:48:01 PM) (Source: Schannel) (EventID: 4106) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (07/22/2014 00:48:01 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (07/22/2014 00:48:01 PM) (Source: Schannel) (EventID: 4106) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (07/22/2014 00:46:29 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Microsoft Office Sessions:
=========================
Error: (07/22/2014 08:59:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1457830

Error: (07/22/2014 08:59:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1457830

Error: (07/22/2014 08:59:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/22/2014 01:02:13 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll2

Error: (07/21/2014 07:19:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9335755

Error: (07/21/2014 07:19:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9335755

Error: (07/21/2014 07:19:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/21/2014 04:43:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1077

Error: (07/21/2014 04:43:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1077

Error: (07/21/2014 04:43:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

==================== Memory info ===========================

Percentage of memory in use: 11%
Total physical RAM: 32720.89 MB
Available physical RAM: 28855.95 MB
Total Pagefile: 65439.97 MB
Available Pagefile: 61183.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:763.05 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:698.63 GB) (Free:109.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: BBC58B91)
Partition 1: (Active) - (Size=699 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 4B898785)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 



#4 aharonov


Posted 23 July 2014 - 03:16 PM

Hello,

can you tell me which browsers are affected?

#5 brranndon


Posted 23 July 2014 - 03:54 PM

IE 10



#6 aharonov


Posted 24 July 2014 - 12:51 AM

Are you sure that this is not just the "normal" advertisement by Google? Can you please upload a few screenshots that show this AdChoices?

#7 brranndon


Posted 24 July 2014 - 10:21 AM

Hi aharonov, please see attached.

Attached File  Ad Choices Screenshot.png   181.08KB   0 downloads
Attached File  Ad choices screenshot 3.png   23.16KB   0 downloads
Attached File  Ad Choices screenshot 2.jpg   136.14KB   0 downloads



#8 aharonov


Posted 24 July 2014 - 02:39 PM

These are just normal Google advertisements that are embedded into the websites (you can see that when you hover over the ad to see where it links to). Nothing is wrong with your computer. :)

To convince you I've just visited the same website that is shown on your third screenshot myself on a clean machine and I've got an advertisement there, too: (See the logo in top-right corner that is the same as on your screenshot.)
Attached File  adchoices.jpg   97.18KB   1 downloads

You can only get rid of these advertisements if you use an adblocker in your browser.

#9 aharonov


Posted 03 September 2014 - 06:29 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



