tnorian

I did a full system scan with Malaware bytes yesterday (5 hours) with no items found. When I purchased MB a month ago it found and removed a few things I did the "perform flash scan" with MB and it found nothing I downsloaded and rand the tdsskiller from kapersky and it found nothing So. maybe the incoming ip warnings are nothing? I need to check teh wording of the Malwaybytes pop ups from the tool bar but I feel like some of the wording of the warning "we've blocked a malicious site" ? or something is just something I'm worrying to much about. From the logs above I guess you can see I have Norton 360 running, which i've used for years now (as well as its precursors before that) Any help on the Malware angle would be appreciated (even if its a "No Problem I see" ) Thanks again in advance.

and the additional Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2014 02 Ran by Thomas at 2014-03-08 18:30:44 Running from C:\Users\Thomas\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.06 - Adobe Systems) Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated) Adobe After Effects CS3 (x32 Version: 8 - Adobe Systems Incorporated) Hidden Adobe After Effects CS3 Presets (x32 Version: 8 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Contribute CS3 (x32 Version: 4.1 - Adobe Systems Incorporated) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated) Adobe Creative Suite 3 Master Collection (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Dreamweaver CC (HKLM-x32\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated) Adobe Dreamweaver CS3 (x32 Version: 9 - Adobe Systems Incorporated) Hidden Adobe Edge Animate CC (HKLM-x32\...\{00603DFF-6EC5-4E9E-AB3A-AD4C7D61FF13}) (Version: 2.0.1 - Adobe Systems Incorporated) Adobe Edge Inspect CC (HKLM-x32\...\{67D22EA0-4601-4450-9C99-042DABB0A315}) (Version: 1.0.408 - Adobe Systems Incorporated) Adobe Encore CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.1.1 - Adobe Systems Incorporated) Adobe Extension Manager CS3 (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden Adobe Fireworks CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.1 - Adobe Systems Incorporated) Adobe Flash Builder 4.7 (64 Bit) (HKLM-x32\...\{848DE8E1-521D-4748-A158-517708107EF3}) (Version: 4.7 - Adobe Systems Incorporated) Adobe Flash CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Flash Video Encoder (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Gaming SDK 1.3 (HKLM-x32\...\{62FFC6DD-18BB-49FC-AF65-71FB1C0B08AA}) (Version: 1.3 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated) Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated) Adobe InDesign CS3 (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Adobe InDesign CS3 Icon Handler (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe MotionPicture Color Files (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Muse (HKLM-x32\...\{9A554C9D-E12D-4205-8101-9F4337CD5673}) (Version: 7.0 - Adobe Systems Incorporated) Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 7.0.314 - Adobe Systems Incorporated) Adobe Muse (x32 Version: 7.0.314 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe) Adobe Prelude CC (HKLM-x32\...\{5D73C19B-BE10-44A6-96B2-A516756ED29F}) (Version: 2.2.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.1 - Adobe Systems Incorporated) Adobe Premiere Pro CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CS3 Functional Content (x32 Version: 8 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CS3 Third Party Content (HKLM-x32\...\Adobe_71c180716438072ebd356ce2549df41) (Version: 3 - Adobe Systems Incorporated) Adobe Premiere Pro CS3 Third Party Content (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated) Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe SING CS3 (x32 Version: 0.1 - Adobe Systems Incorporated) Hidden Adobe Soundbooth CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe Soundbooth CS3 Codecs (HKLM-x32\...\Adobe_42fe5c8ddcc4280fb81b214b4c90a63) (Version: 3 - Adobe Systems Incorporated) Adobe Soundbooth CS3 Codecs (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe SpeedGrade CC (HKLM-x32\...\{29AA12E9-934C-485E-A9A1-D823FEB29880}) (Version: 7.2.0 - Adobe Systems Incorporated) Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Server (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden Adobe Video Profiles (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe WAS CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe XMP DVA Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.0 - Adobe Systems Incorporated) Adobe® Content Viewer (x32 Version: 3.4.0 - Adobe Systems Incorporated) Hidden AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC) AMD Catalyst Install Manager (HKLM\...\{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team) Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden BirdieSync 2.4.8.0 (HKLM-x32\...\BirdieSync) (Version: 2.4.8.0 - Callicia) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Carbonite Online Backup Setup (HKLM-x32\...\Carbonite Setup Lite) (Version: 3.8.0 - Carbonite Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Core Implementation (x32 Version: 2010.0113.2208.39662 - ATI) Hidden Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0113.2208.39662 - ATI) Hidden Catalyst Control Center Graphics Full New (x32 Version: 2010.0113.2208.39662 - ATI) Hidden Catalyst Control Center Graphics Light (x32 Version: 2010.0113.2208.39662 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0113.2208.39662 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0113.2208.39662 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0113.2208.39662 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2010.0113.2208.39662 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Czech (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Danish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Dutch (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help English (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Finnish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help French (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help German (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Greek (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Hungarian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Italian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Japanese (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Korean (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Norwegian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Polish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Portuguese (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Russian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Spanish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Swedish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Thai (x32 Version: 2010.0113.2207.39662 - ATI) Hidden CCC Help Turkish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden ccc-core-static (x32 Version: 2010.0113.2208.39662 - ATI) Hidden ccc-utility64 (Version: 2010.0113.2208.39662 - ATI) Hidden Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.) Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5744.02 - Dell Inc.) Dell Support Center (Version: 3.0.5744.02 - PC-Doctor, Inc.) Hidden Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.3.2.10 - Dell) DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden Dokan Library 0.6.0 (HKLM-x32\...\DokanLibrary) (Version: - ) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dragons Prophet (HKCU\...\SOE-Dragons Prophet) (Version: - Sony Online Entertainment) EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden EVE Online (remove only) (HKLM-x32\...\EVE) (Version: - CCP Games Ltd.) EveHQ (HKLM-x32\...\EveHQ) (Version: - ) EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.4.4125 - battleclinic.com) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) Global Agenda Launcher (HKLM-x32\...\{722AF0E9-9BAB-4556-9AA6-B5240D46E4B3}) (Version: 1.0.0 - Hi-Rez Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - ) HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company) hp officejet 6100 series (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard) HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photo and Imaging 2.0 - All-in-One (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden HP Photo and Imaging 2.0 - All-in-One Drivers (x32 Version: 1.10.0000 - Hewlett-Packard Company) Hidden HP Photo and Imaging 2.0 - hp officejet 6100 series (HKLM-x32\...\HP OfficeJet 6100 Series) (Version: - ) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation) iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lightroom 5.2 (HKLM-x32\...\{9bcd38e7-1f9a-4536-8cd4-96448263f367}) (Version: 5.2 - Adobe Systems Incorporated) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.) Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech) Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech) Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.) Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Mozilla Thunderbird 24.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 en-US)) (Version: 24.3.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Multimedia Card Reader (HKLM-x32\...\InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}) (Version: 1.4.915.1 - Fitipower) Multimedia Card Reader (x32 Version: 1.4.915.1 - Fitipower) Hidden muvee Reveal Seagate Edition (HKLM-x32\...\{78E9A751-5616-233F-1249-16AC5758C646}) (Version: 7.0.41.11017 - muvee Technologies Pte Ltd) Nether (HKLM-x32\...\Steam App 247730) (Version: - Phosphor Games) Norton 360 (HKLM-x32\...\N360) (Version: 21.1.0.18 - Symantec Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team) NVIDIA 3D Vision Controller Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation) NVIDIA 3D Vision Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation) NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.) Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden Roxio BackOnTrack (x32 Version: 1.3.0 - Roxio) Hidden Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0 - Roxio) Hidden Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio) Roxio Easy CD and DVD Burning (x32 Version: 10.3.106 - Roxio) Hidden Roxio Easy VHS to DVD (HKLM-x32\...\{15210C5B-9E04-4BF7-B019-AE958F238333}) (Version: 2.0 - Roxio) Roxio Easy VHS to DVD (x32 Version: 2.0.123 - Roxio) Hidden Roxio Express Labeler (x32 Version: 3.2.1 - Roxio) Hidden Roxio File Backup (Version: 1.3.0 - Roxio) Hidden Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden Roxio Video Capture USB (x32 Version: 1.22.0000 - Roxio) Hidden Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.) Seagate Manager Installer (HKLM-x32\...\InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate) Seagate Manager Installer (x32 Version: 2.01.0600 - Seagate) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) SiSoftware Sandra Lite 2011 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.15.2011.1 - SiSoftware) Skins (x32 Version: 2010.0113.2208.39662 - ATI) Hidden Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.7.8524 - Skype Technologies S.A.) Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED) TiVo Desktop 2.8.2 (HKLM-x32\...\{4E839090-3B68-436A-B3CF-A2A08C38DD26}) (Version: 2.8.412.369 - TiVo Inc.) TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc) TurboTax 2010 wcaiper (x32 Version: 010.000.1393 - Intuit Inc.) Hidden TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.4227 - Intuit Inc.) Hidden TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0483 - Intuit Inc.) Hidden TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0214 - Intuit Inc.) Hidden TurboTax 2010 wrapper (x32 Version: 010.000.0157 - Intuit Inc.) Hidden TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc) TurboTax 2011 wcaiper (x32 Version: 011.000.1647 - Intuit Inc.) Hidden TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.2999 - Intuit Inc.) Hidden TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0495 - Intuit Inc.) Hidden TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0214 - Intuit Inc.) Hidden TurboTax 2011 wrapper (x32 Version: 011.000.0121 - Intuit Inc.) Hidden TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc) TurboTax 2012 wcaiper (x32 Version: 012.000.1430 - Intuit Inc.) Hidden TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2083 - Intuit Inc.) Hidden TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0451 - Intuit Inc.) Hidden TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0179 - Intuit Inc.) Hidden TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc) TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.1036 - Intuit Inc.) Hidden TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0312 - Intuit Inc.) Hidden TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0140 - Intuit Inc.) Hidden TurboTax 2013 wrapper (x32 Version: 013.000.0128 - Intuit Inc.) Hidden Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft) User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech) VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) WinSCP 5.5.1 (HKLM-x32\...\winscp3_is1) (Version: 5.5.1 - Martin Prikryl) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.4.0.17399 - Blizzard Entertainment) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Restore Points ========================= 05-03-2014 12:00:10 Windows Update 08-03-2014 00:06:24 Installed TurboTax 2013 wrapper ==================== Hosts content: ========================== 2013-12-10 19:25 - 2013-09-03 17:19 - 00000833 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0A39D38B-891A-48EE-AEC8-0D9427A2CF14} - System32\Tasks\{525FA779-9144-4E8C-8220-16F59FA3BD7C} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] () Task: {0CF0DD58-BE7D-4605-A2BD-64F464E5091F} - System32\Tasks\{7CDF2BD8-E47E-46B8-B185-F106F60E2984} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.) Task: {14CBA65C-3865-4116-8A1F-F473D93C0076} - System32\Tasks\{8456EC9C-5A45-4715-99DF-9E57021FC613} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] () Task: {1804DE7E-948D-426E-929F-72D3556A79BB} - System32\Tasks\AdobeAAMUpdater-1.0-Thomas-PC-Thomas => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated) Task: {34E0333F-3096-48B2-B724-68E91DCF87D7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {360D3387-DAC1-4DDD-B308-C656E0A9F85D} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-12-03] (PC-Doctor, Inc.) Task: {3EFFBE47-F008-4243-A735-0DD59D17E346} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-12-03] (PC-Doctor, Inc.) Task: {7589D1D2-D5AD-46FD-891C-68F7948E6903} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {7CCDF48A-5540-4CBA-98EE-4A03291A9AF5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {89AD63A2-A3D3-41D3-867B-74CA4482CA11} - System32\Tasks\{F6E90F8D-4AA2-47C9-9893-8F91D5C0126B} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.) Task: {90C1E32A-1938-434A-856A-5633822DD454} - System32\Tasks\{CDDBF4A1-882B-4097-9C63-910A07AC095C} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] () Task: {9EEB0701-E974-4CC5-B434-DCB23929BB34} - System32\Tasks\{E49B49E5-105C-4984-915E-FDB3F5399392} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.) Task: {AC47C3A1-24B6-4D31-BFC6-DFFEF8737FC7} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-12-03] (PC-Doctor, Inc.) Task: {BD6EF81C-8E94-4684-8611-ADFEE2C14EE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-06] (Google Inc.) Task: {CBB93DEE-90C3-4A4D-B7C5-B0BD59E992B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-27] (Adobe Systems Incorporated) Task: {E3962D9E-1CEE-4771-B928-ED7A81BE5455} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-06] (Google Inc.) Task: {EA112BE9-DB30-478B-B987-DF5F957BBB1A} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {F3662658-0B2D-4B50-BB94-AF5562DF7A5C} - System32\Tasks\{E8B422C7-D4B5-4FB4-85ED-FEE1B299FB4D} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] () Task: {F4103DE2-D2EE-4F11-A2E6-81113FAB8FCF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation) Task: {F996C832-76C3-43AD-BA7F-5CFBAC23800F} - System32\Tasks\{1D7220C5-D93A-4A57-B89E-BB5E2059BD44} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-11-02] (Apple Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe ==================== Loaded Modules (whitelisted) ============= 2012-12-31 17:20 - 2013-12-19 10:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-02-11 03:21 - 2014-02-11 03:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2012-06-18 07:24 - 2012-06-18 07:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-02-13 04:17 - 2014-02-13 04:17 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\e0cca00b42165c0b882a7ef23368c6ac\PSIClient.ni.dll 2014-02-22 00:00 - 2014-02-12 16:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:7BC7E6BA AlternateDataStreams: C:\Users\Thomas\Downloads\Haley Reinhart & Casey Abrams Performances @ CityWalk LA.wma:Roxio EMC Stream ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service" ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: Adobe Version Cue CS3 => 3 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: DokanMounter => 2 MSCONFIG\Services: FLEXnet Licensing Service => 3 MSCONFIG\Services: FreeAgentGoNext Service => 2 MSCONFIG\Services: GoToAssist => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: IntuitUpdateService => 2 MSCONFIG\Services: IntuitUpdateServiceV4 => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: N360 => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: nvUpdatusService => 2 MSCONFIG\Services: RoxMediaDB10 => 3 MSCONFIG\Services: RoxMediaDBVHS => 3 MSCONFIG\Services: SandraAgentSrv => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: stllssvr => 3 MSCONFIG\startupreg: DellSystemDetect => C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor) (User: ) Description: (5464) Asapi: (17:00:32:8590)(5464) enumerator - Error -- 118 pcdrsysinfocsmi: Module returned no data Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor) (User: ) Description: (5464) Asapi: (17:00:32:8590)(5464) Matrix.ModuleImp - Error -- 52 Unable to get information from module due to failed exec. Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor) (User: ) Description: (5464) Asapi: (17:00:32:8590)(5464) libCommon.System.Windows - Error -- 720 execAndGetPipeData(./pcdrsysinfocsmi.p5x) readFromPipeTimed failed, killing: 528 Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor) (User: ) Description: (5464) Asapi: (17:00:32:7690)(5464) libCommon.System.Windows - Error -- 590 readFromPipeTimed(3412) child process 528 exited with return code: 259 Error: (03/08/2014 05:00:17 PM) (Source: Application Error) (User: ) Description: Faulting application name: pcdrsysinfocsmi.p5x, version: 6.0.5744.2, time stamp: 0x4ce47064 Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace4e7 Exception code: 0x40000015 Fault offset: 0x000000000004267f Faulting process id: 0x210 Faulting application start time: 0xpcdrsysinfocsmi.p5x0 Faulting application path: pcdrsysinfocsmi.p5x1 Faulting module path: pcdrsysinfocsmi.p5x2 Report Id: pcdrsysinfocsmi.p5x3 Error: (03/07/2014 08:14:02 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor) (User: ) Description: (3700) Asapi: (17:00:33:1050)(3700) enumerator - Error -- 118 pcdrsysinfocsmi: Module returned no data Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor) (User: ) Description: (3700) Asapi: (17:00:33:1040)(3700) Matrix.ModuleImp - Error -- 52 Unable to get information from module due to failed exec. Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor) (User: ) Description: (3700) Asapi: (17:00:33:1040)(3700) libCommon.System.Windows - Error -- 720 execAndGetPipeData(./pcdrsysinfocsmi.p5x) readFromPipeTimed failed, killing: 2580 Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor) (User: ) Description: (3700) Asapi: (17:00:33:1020)(3700) libCommon.System.Windows - Error -- 590 readFromPipeTimed(3260) child process 2580 exited with return code: 259 System errors: ============= Error: (03/08/2014 06:16:07 PM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: AFS RxFilter Error: (03/08/2014 06:15:49 PM) (Source: Service Control Manager) (User: ) Description: The SessionLauncher service failed to start due to the following error: %%2 Error: (03/08/2014 06:15:35 PM) (Source: Service Control Manager) (User: ) Description: The Dock Login Service service failed to start due to the following error: %%2 Error: (03/07/2014 08:14:01 PM) (Source: Service Control Manager) (User: ) Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (03/07/2014 08:14:01 PM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (03/07/2014 09:01:03 AM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: AFS RxFilter Error: (03/07/2014 09:00:44 AM) (Source: Service Control Manager) (User: ) Description: The SessionLauncher service failed to start due to the following error: %%2 Error: (03/07/2014 09:00:35 AM) (Source: Service Control Manager) (User: ) Description: The Dock Login Service service failed to start due to the following error: %%2 Error: (03/06/2014 02:46:03 PM) (Source: Service Control Manager) (User: ) Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (03/06/2014 02:46:03 PM) (Source: Service Control Manager) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Microsoft Office Sessions: ========================= Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor)(User: ) Description: (5464) Asapi: (17:00:32:8590)(5464) enumerator - Error -- 118 pcdrsysinfocsmi: Module returned no data Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor)(User: ) Description: (5464) Asapi: (17:00:32:8590)(5464) Matrix.ModuleImp - Error -- 52 Unable to get information from module due to failed exec. Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor)(User: ) Description: (5464) Asapi: (17:00:32:8590)(5464) libCommon.System.Windows - Error -- 720 execAndGetPipeData(./pcdrsysinfocsmi.p5x) readFromPipeTimed failed, killing: 528 Error: (03/08/2014 05:00:32 PM) (Source: PC-Doctor)(User: ) Description: (5464) Asapi: (17:00:32:7690)(5464) libCommon.System.Windows - Error -- 590 readFromPipeTimed(3412) child process 528 exited with return code: 259 Error: (03/08/2014 05:00:17 PM) (Source: Application Error)(User: ) Description: pcdrsysinfocsmi.p5x6.0.5744.24ce47064MSVCR90.dll9.0.30729.61614dace4e740000015000000000004267f21001cf3b32ecfc19bfC:\Program Files\Dell Support Center\pcdrsysinfocsmi.p5xC:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll2d6e474c-a726-11e3-a04a-842b2bafecda Error: (03/07/2014 08:14:02 PM) (Source: Steam Client Service)(User: ) Description: Failed to poke open firewall Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor)(User: ) Description: (3700) Asapi: (17:00:33:1050)(3700) enumerator - Error -- 118 pcdrsysinfocsmi: Module returned no data Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor)(User: ) Description: (3700) Asapi: (17:00:33:1040)(3700) Matrix.ModuleImp - Error -- 52 Unable to get information from module due to failed exec. Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor)(User: ) Description: (3700) Asapi: (17:00:33:1040)(3700) libCommon.System.Windows - Error -- 720 execAndGetPipeData(./pcdrsysinfocsmi.p5x) readFromPipeTimed failed, killing: 2580 Error: (03/07/2014 05:00:33 PM) (Source: PC-Doctor)(User: ) Description: (3700) Asapi: (17:00:33:1020)(3700) libCommon.System.Windows - Error -- 590 readFromPipeTimed(3260) child process 2580 exited with return code: 259 ==================== Memory info =========================== Percentage of memory in use: 26% Total physical RAM: 8151.08 MB Available physical RAM: 6003.95 MB Total Pagefile: 16300.34 MB Available Pagefile: 14077.25 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:920.59 GB) (Free:544.76 GB) NTFS Drive d: (TurboTax 2013) (CDROM) (Total:0.38 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 33AEB6E6) Partition 1: (Not Active) - (Size=31 MB) - (Type=DE) Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=921 GB) - (Type=07 NTFS) ==================== End Of Log ============================

and the frst64 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-03-2014 02 Ran by Thomas (administrator) on THOMAS-PC on 08-03-2014 18:29:37 Running from C:\Users\Thomas\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe (Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.) HKLM-x32\...\Run: [shwiconXP9106] - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2009-07-17] (Alcor Micro Corp.) HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-20] (Adobe Systems Inc.) Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X] HKU\.DEFAULT\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0 HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0 HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0 HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0 HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Run: [best Buy pc app] - C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Run: [AdobeBridge] - [X] HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-21-3787918934-1339134289-2097263373-1000\...\MountPoints2: {32f71023-5c9d-11e3-a59a-806e6f6e6963} - D:\setup.exe Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File) Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600.lnk ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1 URLSearchHook: HKCU - (No Name) - {3bbd3c14-4c16-4989-8366-95bc9179779d} - No File SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=139&systemid=406&sr=0&q={searchTerms} SearchScopes: HKCU - {71F8C047-56F3-4AB3-8344-F07AF0AA6B9F} URL = SearchScopes: HKCU - {8E452ED2-4A0F-4467-8B07-93F9A805718D} URL = SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {3BBD3C14-4C16-4989-8366-95BC9179779D} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {F375116A-793C-11D2-BFE1-444553540001} http://mls.realist.com/mapviewer/mapviewer.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox: ======== FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\rpjq8e4w.default FF Homepage: https://my.yahoo.com/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF Plugin HKCU: adobe.com/AdobeExManCCDetect32 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems) FF Plugin HKCU: adobe.com/AdobeExManCCDetect64 - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll (Adobe Systems) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.) FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-20] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-01] FF HKLM-x32\...\Sunbird\Extensions: [{A69F5EC7-88F0-4902-A15C-E569DFA33C3A}] - C:\Program Files (x86)\BirdieSync\Sunbird Service FF Extension: BirdieSync - C:\Program Files (x86)\BirdieSync\Sunbird Service [2014-02-07] FF HKLM-x32\...\Thunderbird\Extensions: [{A69F5EC7-88F0-4902-A15C-E569DFA33C3A}] - C:\Program Files (x86)\BirdieSync\Thunderbird Service FF Extension: BirdieSync - C:\Program Files (x86)\BirdieSync\Thunderbird Service [2014-02-07] Chrome: ======= CHR HomePage: https://duckduckgo.com/ CHR DefaultSearchKeyword: dontbubble.us CHR DefaultSearchProvider: DuckDuckGo CHR DefaultSearchURL: https://duckduckgo.com/?q={searchTerms} CHR DefaultNewTabURL: CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll No File CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll () CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (AdobeExManCCDetect) - C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems) CHR Plugin: (AdobeExManDetect) - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-16] CHR Extension: (Google Search) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-16] CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-12-01] CHR Extension: (Summer Fields) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lioedaeelokfajcbbdbbljmcjadfbngf [2012-10-16] CHR Extension: (Norton Identity Protection) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-01-10] CHR Extension: (Google Wallet) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Gmail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-16] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-20] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-21] ==================== Services (Whitelisted) ================= S4 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation) S4 RoxMediaDBVHS; C:\Program Files (x86)\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe [1116656 2010-02-19] (Sonic Solutions) S4 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [93848 2009-08-17] (SiSoftware) S4 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.) S2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [X] S2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [X] ==================== Drivers (Whitelisted) ==================== R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows ® Win 7 DDK provider) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140307.001\IDSvia64.sys [524504 2014-03-05] (Symantec Corporation) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140308.007\ENG64.SYS [126040 2013-11-19] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140308.007\EX64.SYS [2099288 2013-11-19] (Symantec Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [65520 2009-06-26] (Sonic Solutions) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware) R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-20] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation) S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-08 18:21 - 2014-03-08 18:25 - 00002480 _____ () C:\Users\Thomas\Desktop\RKreport[0]_S_03082014_182157.txt 2014-03-07 16:07 - 2014-03-07 16:07 - 00002531 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk 2014-03-07 09:03 - 2014-03-07 09:03 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (3).jnlp 2014-03-05 19:49 - 2014-03-08 18:30 - 00030509 _____ () C:\Users\Thomas\Downloads\FRST.txt 2014-03-05 19:49 - 2014-03-08 18:29 - 00000000 ____D () C:\FRST 2014-03-05 19:49 - 2014-03-05 19:50 - 00055429 _____ () C:\Users\Thomas\Downloads\Addition.txt 2014-03-05 19:47 - 2014-03-05 19:47 - 02156544 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe 2014-03-05 19:43 - 2014-03-05 19:43 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Thomas\Downloads\tdsskiller.exe 2014-03-05 18:26 - 2014-03-05 19:34 - 00000000 ____D () C:\Users\Thomas\Desktop\RK_Quarantine 2014-03-05 18:19 - 2014-03-05 18:19 - 04413952 _____ () C:\Users\Thomas\Downloads\RogueKillerX64.exe 2014-03-05 04:00 - 2014-03-05 04:01 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-02-28 18:47 - 2014-02-28 18:47 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\tor 2014-02-28 18:44 - 2014-02-28 18:44 - 22892386 _____ () C:\Users\Thomas\Downloads\torbrowser-install-3.5.2.1_en-US(1).exe 2014-02-27 20:46 - 2014-03-08 17:01 - 00000000 ____D () C:\Users\Thomas\AppData\Local\The Witcher 2014-02-27 20:46 - 2014-02-27 21:19 - 00000000 ____D () C:\Users\Thomas\Documents\The Witcher 2014-02-27 20:43 - 2014-02-27 20:44 - 00000000 ____D () C:\Users\Public\Documents\The Witcher 2014-02-27 20:10 - 2014-02-27 20:10 - 00000221 _____ () C:\Users\Thomas\Desktop\The Witcher Enhanced Edition.url 2014-02-27 18:18 - 2014-02-27 18:18 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Chromium 2014-02-26 15:34 - 2014-02-26 15:34 - 00000000 ____D () C:\Users\Thomas\Documents\EVE 2014-02-26 10:32 - 2014-02-26 10:32 - 00141312 _____ () C:\Users\Thomas\Downloads\TaxableGainsLossesDownloadFrom_01-01-2013_to_12-31-2013 (1).xls 2014-02-26 10:25 - 2014-02-26 10:25 - 00014336 _____ () C:\Users\Thomas\Downloads\TaxableGainsLossesDownloadFrom_01-01-2013_to_12-31-2013.xls 2014-02-26 10:14 - 2014-02-26 10:14 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (2).jnlp 2014-02-26 09:55 - 2014-02-26 09:55 - 00058850 _____ () C:\Users\Thomas\Downloads\tradesdownload.csv 2014-02-26 08:25 - 2014-02-26 08:26 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (1).jnlp 2014-02-22 09:45 - 2014-02-28 18:49 - 00000000 ____D () C:\Users\Thomas\Desktop\Tor Browser 2014-02-22 09:44 - 2014-02-22 09:44 - 22892386 _____ () C:\Users\Thomas\Downloads\torbrowser-install-3.5.2.1_en-US.exe 2014-02-22 00:06 - 2014-02-22 00:06 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Macromedia 2014-02-22 00:01 - 2014-02-22 00:01 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Mozilla 2014-02-22 00:00 - 2014-02-22 00:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-22 00:00 - 2014-02-22 00:00 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-21 23:58 - 2014-02-21 23:58 - 00282840 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 27.0.1.exe 2014-02-21 22:24 - 2014-02-21 22:24 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Thomas\Downloads\spybot-2.2.exe 2014-02-21 15:26 - 2014-02-21 15:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-consumer (1).exe 2014-02-21 15:25 - 2014-02-21 15:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-consumer.exe 2014-02-21 15:07 - 2014-03-05 20:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-21 15:07 - 2014-02-21 15:27 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-02-21 15:07 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-21 15:06 - 2014-02-21 15:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-setup-1.75.0.1300 (2).exe 2014-02-21 15:05 - 2014-02-21 15:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-setup-1.75.0.1300 (1).exe 2014-02-21 10:12 - 2014-02-21 10:12 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (45).jnlp 2014-02-18 23:34 - 2014-02-18 23:34 - 12576996 _____ () C:\Users\Thomas\Downloads\ruby-1.9.3-p484.tar.gz 2014-02-17 16:12 - 2014-02-17 16:12 - 00675472 _____ (getcomposer.org ) C:\Users\Thomas\Downloads\Composer-Setup.exe 2014-02-16 20:42 - 2014-02-16 20:42 - 00315184 _____ () C:\Users\Thomas\Downloads\adaptivetheme-7.x-3.1.tar.gz 2014-02-16 18:43 - 2014-02-16 18:43 - 00000600 _____ () C:\Users\Thomas\AppData\Roaming\PUTTY.RND 2014-02-16 18:31 - 2014-02-19 00:31 - 00000600 _____ () C:\Users\Thomas\AppData\Local\PUTTY.RND 2014-02-16 18:28 - 2014-02-16 18:28 - 00000000 ____D () C:\Program Files (x86)\PuTTY 2014-02-16 18:27 - 2014-02-16 18:27 - 01869122 _____ (Simon Tatham ) C:\Users\Thomas\Downloads\putty-0.63-installer.exe 2014-02-16 17:58 - 2014-02-16 17:58 - 00591599 _____ () C:\Users\Thomas\Downloads\drush-master (1).zip 2014-02-16 17:57 - 2014-02-16 17:57 - 00591599 _____ () C:\Users\Thomas\Downloads\drush-master.zip 2014-02-16 17:38 - 2014-02-16 17:38 - 05300360 _____ (Martin Prikryl ) C:\Users\Thomas\Downloads\winscp551setup.exe 2014-02-15 17:56 - 2014-02-15 17:56 - 00015353 _____ () C:\Users\Thomas\Downloads\auto_entitylabel-7.x-1.2.tar.gz 2014-02-13 04:02 - 2013-12-21 01:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-13 04:02 - 2013-12-21 00:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-13 04:01 - 2014-02-06 03:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-13 04:01 - 2014-02-06 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-13 04:01 - 2014-02-06 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-13 04:01 - 2014-02-06 01:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-13 04:00 - 2014-02-06 04:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-13 04:00 - 2014-02-06 03:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-13 04:00 - 2014-02-06 03:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-13 04:00 - 2014-02-06 03:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-13 04:00 - 2014-02-06 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-13 04:00 - 2014-02-06 02:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-13 04:00 - 2014-02-06 02:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-13 04:00 - 2014-02-06 02:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-13 04:00 - 2014-02-06 02:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-13 04:00 - 2014-02-06 02:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-13 04:00 - 2014-02-06 02:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-13 04:00 - 2014-02-06 02:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-13 04:00 - 2014-02-06 02:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-13 04:00 - 2014-02-06 02:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-13 04:00 - 2014-02-06 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-13 04:00 - 2014-02-06 02:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-13 04:00 - 2014-02-06 01:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-13 04:00 - 2014-02-06 01:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-13 04:00 - 2014-02-06 01:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-13 04:00 - 2014-02-06 01:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-13 04:00 - 2014-02-06 01:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-13 04:00 - 2014-02-06 01:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-13 04:00 - 2014-02-06 01:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-13 04:00 - 2014-02-06 01:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-13 04:00 - 2014-02-06 01:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-13 04:00 - 2014-02-06 01:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-13 04:00 - 2014-02-06 01:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-13 04:00 - 2014-02-06 01:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-13 04:00 - 2014-02-06 01:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-13 04:00 - 2014-02-06 01:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-13 04:00 - 2014-02-06 00:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-13 04:00 - 2014-02-06 00:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-13 04:00 - 2014-02-06 00:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-13 04:00 - 2014-02-06 00:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-13 04:00 - 2014-02-06 00:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-12 16:11 - 2013-12-31 15:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-12 16:11 - 2013-12-31 15:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-12 16:11 - 2013-12-24 15:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-12 16:11 - 2013-12-24 14:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-12 16:11 - 2013-12-05 18:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-12 16:11 - 2013-12-05 18:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-12 16:11 - 2013-12-05 18:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-12 16:11 - 2013-12-05 18:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-12 16:11 - 2013-12-03 18:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-12 16:11 - 2013-12-03 18:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-12 16:11 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-12 16:11 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-12 16:11 - 2013-12-03 18:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-12 16:11 - 2013-12-03 18:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-12 16:11 - 2013-12-03 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-12 16:11 - 2013-12-03 18:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-12 16:11 - 2013-12-03 18:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-12 16:11 - 2013-12-03 18:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-12 16:11 - 2013-12-03 18:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-12 16:11 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-12 16:11 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-12 16:11 - 2013-12-03 18:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-12 16:11 - 2013-12-03 17:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-12 16:11 - 2013-12-03 17:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-12 16:11 - 2013-12-03 17:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-12 16:11 - 2013-12-03 17:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-12 16:11 - 2013-11-26 00:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-12 16:11 - 2013-11-22 14:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-09 18:10 - 2014-02-09 18:10 - 00319641 _____ () C:\Users\Thomas\Downloads\Tom039sTom-Tom-2014-02-09T18-10-19.mysql.gz 2014-02-09 17:17 - 2014-02-09 17:17 - 00033326 _____ () C:\Users\Thomas\Downloads\libraries-7.x-2.2.tar.gz 2014-02-07 20:34 - 2014-02-07 20:34 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Trolltech 2014-02-07 18:41 - 2014-02-07 21:16 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\BirdieSync 2014-02-07 18:41 - 2014-02-07 18:41 - 00000000 ____D () C:\Users\Thomas\.android 2014-02-07 18:40 - 2014-02-07 18:41 - 00000000 ____D () C:\Program Files (x86)\BirdieSync 2014-02-07 18:33 - 2014-02-07 18:38 - 24231580 _____ (Callicia) C:\Users\Thomas\Downloads\BirdieSyncSetup (1).exe 2014-02-07 17:52 - 2014-02-07 17:54 - 24231580 _____ (Callicia) C:\Users\Thomas\Downloads\BirdieSyncSetup.exe 2014-02-07 17:32 - 2014-02-07 18:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-02-07 17:29 - 2014-02-07 17:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-02-07 17:12 - 2014-02-07 17:12 - 00049050 _____ () C:\Users\Thomas\Downloads\duplicate_contact_manager-0.9.2-tb.xpi 2014-02-07 16:12 - 2014-02-07 16:12 - 02707352 _____ (Microsoft Corporation) C:\Users\Thomas\Downloads\vcredist_x86 (2).EXE ==================== One Month Modified Files and Folders ======= 2014-03-08 18:30 - 2014-03-05 19:49 - 00030509 _____ () C:\Users\Thomas\Downloads\FRST.txt 2014-03-08 18:29 - 2014-03-05 19:49 - 00000000 ____D () C:\FRST 2014-03-08 18:25 - 2014-03-08 18:21 - 00002480 _____ () C:\Users\Thomas\Desktop\RKreport[0]_S_03082014_182157.txt 2014-03-08 18:20 - 2009-07-13 21:10 - 01853940 _____ () C:\Windows\WindowsUpdate.log 2014-03-08 18:20 - 2009-07-13 20:45 - 00026000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-08 18:20 - 2009-07-13 20:45 - 00026000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-08 18:15 - 2012-12-31 17:20 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-03-08 18:15 - 2011-02-06 14:20 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-08 18:15 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-08 18:15 - 2009-07-13 20:51 - 00115750 _____ () C:\Windows\setupact.log 2014-03-08 17:01 - 2014-02-27 20:46 - 00000000 ____D () C:\Users\Thomas\AppData\Local\The Witcher 2014-03-08 17:01 - 2010-12-11 19:58 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job 2014-03-08 17:00 - 2011-01-13 21:40 - 00000000 ____D () C:\Users\Thomas\AppData\Local\CrashDumps 2014-03-08 17:00 - 2010-12-14 17:00 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher 2014-03-08 17:00 - 2010-12-11 19:58 - 00003452 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest 2014-03-08 16:58 - 2011-02-06 14:21 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-08 16:15 - 2012-07-17 21:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-08 14:06 - 2013-07-17 21:39 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-08 02:00 - 2007-07-01 15:54 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Adobe 2014-03-07 18:57 - 2011-02-11 17:01 - 00000000 ____D () C:\Users\Thomas\Documents\TurboTax 2014-03-07 16:07 - 2014-03-07 16:07 - 00002531 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk 2014-03-07 16:07 - 2012-04-06 16:05 - 00000785 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2014-03-07 16:06 - 2011-02-11 15:40 - 00000000 ____D () C:\Program Files (x86)\TurboTax 2014-03-07 09:05 - 2011-11-16 14:24 - 00002000 _____ () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\E-TRADE Pro.lnk 2014-03-07 09:04 - 2011-08-08 10:29 - 00000000 ____D () C:\Users\Thomas\etpro 2014-03-07 09:03 - 2014-03-07 09:03 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (3).jnlp 2014-03-05 20:50 - 2014-02-21 15:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-05 19:50 - 2014-03-05 19:49 - 00055429 _____ () C:\Users\Thomas\Downloads\Addition.txt 2014-03-05 19:47 - 2014-03-05 19:47 - 02156544 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe 2014-03-05 19:43 - 2014-03-05 19:43 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Thomas\Downloads\tdsskiller.exe 2014-03-05 19:34 - 2014-03-05 18:26 - 00000000 ____D () C:\Users\Thomas\Desktop\RK_Quarantine 2014-03-05 18:19 - 2014-03-05 18:19 - 04413952 _____ () C:\Users\Thomas\Downloads\RogueKillerX64.exe 2014-03-05 18:18 - 2012-07-14 18:13 - 00000000 ____D () C:\Users\Thomas\Documents\ComputerWEB 2014-03-05 08:56 - 2011-01-05 14:11 - 00000000 ____D () C:\Users\Thomas\Documents\Kelly 2014-03-05 08:07 - 2011-08-08 10:29 - 00000000 ____D () C:\data 2014-03-05 04:01 - 2014-03-05 04:00 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-05 04:01 - 2011-10-30 23:40 - 00000000 ____D () C:\ProgramData\Skype 2014-03-05 04:00 - 2011-10-30 23:40 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-04 17:14 - 2010-12-14 17:00 - 00000000 ____D () C:\ProgramData\PCDr 2014-03-04 07:12 - 2010-11-11 04:04 - 01530652 _____ () C:\Windows\PFRO.log 2014-02-28 18:49 - 2014-02-22 09:45 - 00000000 ____D () C:\Users\Thomas\Desktop\Tor Browser 2014-02-28 18:47 - 2014-02-28 18:47 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\tor 2014-02-28 18:44 - 2014-02-28 18:44 - 22892386 _____ () C:\Users\Thomas\Downloads\torbrowser-install-3.5.2.1_en-US(1).exe 2014-02-28 18:39 - 2012-12-05 09:59 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bounce Metronome 2014-02-27 21:19 - 2014-02-27 20:46 - 00000000 ____D () C:\Users\Thomas\Documents\The Witcher 2014-02-27 20:46 - 2010-11-11 02:19 - 00668272 _____ () C:\Windows\DirectX.log 2014-02-27 20:44 - 2014-02-27 20:43 - 00000000 ____D () C:\Users\Public\Documents\The Witcher 2014-02-27 20:10 - 2014-02-27 20:10 - 00000221 _____ () C:\Users\Thomas\Desktop\The Witcher Enhanced Edition.url 2014-02-27 18:50 - 2012-12-31 17:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-02-27 18:50 - 2012-12-31 17:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-02-27 18:49 - 2013-12-19 15:21 - 00000000 ____D () C:\Users\Thomas\AppData\Local\NVIDIA Corporation 2014-02-27 18:49 - 2012-12-31 17:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-27 18:18 - 2014-02-27 18:18 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Chromium 2014-02-27 16:57 - 2012-07-17 21:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-27 16:57 - 2012-04-03 09:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-27 16:57 - 2011-05-25 06:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-26 15:42 - 2013-05-31 07:41 - 00031883 _____ () C:\Users\Thomas\Desktop\debug.log 2014-02-26 15:34 - 2014-02-26 15:34 - 00000000 ____D () C:\Users\Thomas\Documents\EVE 2014-02-26 10:35 - 2013-06-25 17:30 - 00000000 ____D () C:\Users\Thomas\Documents\Stock Reports 2014-02-26 10:32 - 2014-02-26 10:32 - 00141312 _____ () C:\Users\Thomas\Downloads\TaxableGainsLossesDownloadFrom_01-01-2013_to_12-31-2013 (1).xls 2014-02-26 10:25 - 2014-02-26 10:25 - 00014336 _____ () C:\Users\Thomas\Downloads\TaxableGainsLossesDownloadFrom_01-01-2013_to_12-31-2013.xls 2014-02-26 10:14 - 2014-02-26 10:14 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (2).jnlp 2014-02-26 09:55 - 2014-02-26 09:55 - 00058850 _____ () C:\Users\Thomas\Downloads\tradesdownload.csv 2014-02-26 08:26 - 2014-02-26 08:25 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (1).jnlp 2014-02-25 10:03 - 2013-12-17 16:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-22 09:44 - 2014-02-22 09:44 - 22892386 _____ () C:\Users\Thomas\Downloads\torbrowser-install-3.5.2.1_en-US.exe 2014-02-22 00:06 - 2014-02-22 00:06 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Macromedia 2014-02-22 00:01 - 2014-02-22 00:01 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Mozilla 2014-02-22 00:01 - 2014-02-22 00:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-22 00:01 - 2013-12-17 16:18 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Mozilla 2014-02-22 00:00 - 2014-02-22 00:00 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-21 23:58 - 2014-02-21 23:58 - 00282840 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Setup Stub 27.0.1.exe 2014-02-21 22:24 - 2014-02-21 22:24 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Thomas\Downloads\spybot-2.2.exe 2014-02-21 22:05 - 2013-06-25 17:19 - 00000000 ____D () C:\Users\Thomas\Documents\Game Info 2014-02-21 22:05 - 2011-02-17 15:46 - 00000000 ____D () C:\Users\Thomas\Documents\Letters 2014-02-21 22:03 - 2011-07-27 00:17 - 00000000 ____D () C:\Users\Thomas\Documents\My Games 2014-02-21 15:27 - 2014-02-21 15:07 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-02-21 15:26 - 2014-02-21 15:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-consumer (1).exe 2014-02-21 15:25 - 2014-02-21 15:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-consumer.exe 2014-02-21 15:06 - 2014-02-21 15:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-setup-1.75.0.1300 (2).exe 2014-02-21 15:06 - 2014-02-21 15:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Thomas\Downloads\mbam-setup-1.75.0.1300 (1).exe 2014-02-21 10:12 - 2014-02-21 10:12 - 00005079 _____ () C:\Users\Thomas\Downloads\etpro_launch (45).jnlp 2014-02-20 15:42 - 2014-02-02 21:58 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Razer 2014-02-20 15:42 - 2014-02-02 21:57 - 00000000 ____D () C:\ProgramData\Razer 2014-02-20 15:42 - 2014-02-02 21:57 - 00000000 ____D () C:\Program Files (x86)\Razer 2014-02-19 08:12 - 2012-08-06 11:11 - 00000600 _____ () C:\Users\Thomas\AppData\Roaming\winscp.rnd 2014-02-19 00:31 - 2014-02-16 18:31 - 00000600 _____ () C:\Users\Thomas\AppData\Local\PUTTY.RND 2014-02-18 23:34 - 2014-02-18 23:34 - 12576996 _____ () C:\Users\Thomas\Downloads\ruby-1.9.3-p484.tar.gz 2014-02-18 15:43 - 2009-07-13 21:13 - 00788478 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-18 15:18 - 2010-12-11 19:58 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2014-02-18 13:11 - 2010-12-11 19:58 - 00004272 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2014-02-18 09:49 - 2012-08-02 21:41 - 00001061 _____ () C:\Users\Thomas\Desktop\Notepad++.lnk 2014-02-18 09:49 - 2012-08-02 21:41 - 00001061 _____ () C:\Users\Administrator\Desktop\Notepad++.lnk 2014-02-18 09:49 - 2012-08-02 21:41 - 00000000 ____D () C:\Program Files (x86)\Notepad++ 2014-02-17 16:12 - 2014-02-17 16:12 - 00675472 _____ (getcomposer.org ) C:\Users\Thomas\Downloads\Composer-Setup.exe 2014-02-16 20:42 - 2014-02-16 20:42 - 00315184 _____ () C:\Users\Thomas\Downloads\adaptivetheme-7.x-3.1.tar.gz 2014-02-16 18:43 - 2014-02-16 18:43 - 00000600 _____ () C:\Users\Thomas\AppData\Roaming\PUTTY.RND 2014-02-16 18:28 - 2014-02-16 18:28 - 00000000 ____D () C:\Program Files (x86)\PuTTY 2014-02-16 18:27 - 2014-02-16 18:27 - 01869122 _____ (Simon Tatham ) C:\Users\Thomas\Downloads\putty-0.63-installer.exe 2014-02-16 17:58 - 2014-02-16 17:58 - 00591599 _____ () C:\Users\Thomas\Downloads\drush-master (1).zip 2014-02-16 17:57 - 2014-02-16 17:57 - 00591599 _____ () C:\Users\Thomas\Downloads\drush-master.zip 2014-02-16 17:40 - 2012-08-06 11:11 - 00000985 _____ () C:\Users\Thomas\Desktop\WinSCP.lnk 2014-02-16 17:40 - 2012-08-06 11:11 - 00000000 ____D () C:\Program Files (x86)\WinSCP 2014-02-16 17:38 - 2014-02-16 17:38 - 05300360 _____ (Martin Prikryl ) C:\Users\Thomas\Downloads\winscp551setup.exe 2014-02-16 10:37 - 2013-12-18 13:49 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-02-16 10:36 - 2013-12-18 13:49 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\vlc 2014-02-15 17:56 - 2014-02-15 17:56 - 00015353 _____ () C:\Users\Thomas\Downloads\auto_entitylabel-7.x-1.2.tar.gz 2014-02-14 23:12 - 2013-07-31 02:05 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-14 23:09 - 2010-12-12 16:05 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-14 22:49 - 2010-11-11 02:12 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-02-14 21:12 - 2013-12-01 10:15 - 00001303 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2014-02-13 21:13 - 2010-12-12 22:04 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\TS3Client 2014-02-13 05:30 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache 2014-02-13 04:28 - 2009-07-13 21:08 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-13 04:09 - 2011-02-22 08:40 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-13 04:05 - 2010-12-21 20:16 - 00764708 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-13 04:03 - 2009-07-13 18:34 - 00000601 _____ () C:\Windows\win.ini 2014-02-11 10:53 - 2011-02-06 14:21 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-11 10:53 - 2011-02-06 14:20 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-09 18:10 - 2014-02-09 18:10 - 00319641 _____ () C:\Users\Thomas\Downloads\Tom039sTom-Tom-2014-02-09T18-10-19.mysql.gz 2014-02-09 17:17 - 2014-02-09 17:17 - 00033326 _____ () C:\Users\Thomas\Downloads\libraries-7.x-2.2.tar.gz 2014-02-07 21:16 - 2014-02-07 18:41 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\BirdieSync 2014-02-07 20:34 - 2014-02-07 20:34 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Trolltech 2014-02-07 19:09 - 2011-04-05 21:05 - 00000000 ____D () C:\Users\Thomas\Documents\Real Estate 2011 2014-02-07 18:46 - 2014-02-07 17:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-02-07 18:41 - 2014-02-07 18:41 - 00000000 ____D () C:\Users\Thomas\.android 2014-02-07 18:41 - 2014-02-07 18:40 - 00000000 ____D () C:\Program Files (x86)\BirdieSync 2014-02-07 18:41 - 2010-12-11 19:56 - 00000000 ____D () C:\Users\Thomas 2014-02-07 18:38 - 2014-02-07 18:33 - 24231580 _____ (Callicia) C:\Users\Thomas\Downloads\BirdieSyncSetup (1).exe 2014-02-07 17:54 - 2014-02-07 17:52 - 24231580 _____ (Callicia) C:\Users\Thomas\Downloads\BirdieSyncSetup.exe 2014-02-07 17:29 - 2014-02-07 17:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-02-07 17:12 - 2014-02-07 17:12 - 00049050 _____ () C:\Users\Thomas\Downloads\duplicate_contact_manager-0.9.2-tb.xpi 2014-02-07 16:22 - 2013-12-17 16:18 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Thunderbird 2014-02-07 16:12 - 2014-02-07 16:12 - 02707352 _____ (Microsoft Corporation) C:\Users\Thomas\Downloads\vcredist_x86 (2).EXE 2014-02-06 04:16 - 2014-02-13 04:00 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-06 03:30 - 2014-02-13 04:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-06 03:30 - 2014-02-13 04:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-06 03:12 - 2014-02-13 04:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-06 03:07 - 2014-02-13 04:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-06 03:06 - 2014-02-13 04:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-06 02:57 - 2014-02-13 04:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-06 02:56 - 2014-02-13 04:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-06 02:52 - 2014-02-13 04:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-06 02:49 - 2014-02-13 04:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-06 02:48 - 2014-02-13 04:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-06 02:48 - 2014-02-13 04:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-06 02:38 - 2014-02-13 04:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-06 02:32 - 2014-02-13 04:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-06 02:20 - 2014-02-13 04:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-06 02:17 - 2014-02-13 04:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-06 02:11 - 2014-02-13 04:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-06 02:01 - 2014-02-13 04:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-06 02:00 - 2014-02-13 04:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-06 01:57 - 2014-02-13 04:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-06 01:57 - 2014-02-13 04:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-06 01:52 - 2014-02-13 04:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-06 01:52 - 2014-02-13 04:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-06 01:50 - 2014-02-13 04:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-06 01:49 - 2014-02-13 04:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-06 01:47 - 2014-02-13 04:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-06 01:46 - 2014-02-13 04:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-06 01:25 - 2014-02-13 04:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-06 01:25 - 2014-02-13 04:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-06 01:24 - 2014-02-13 04:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-06 01:22 - 2014-02-13 04:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-06 01:13 - 2014-02-13 04:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 01:09 - 2014-02-13 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 01:03 - 2014-02-13 04:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 00:55 - 2014-02-13 04:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 00:41 - 2014-02-13 04:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 00:40 - 2014-02-13 04:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 00:36 - 2014-02-13 04:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 00:34 - 2014-02-13 04:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll Files to move or delete: ==================== C:\Users\Thomas\disable_caps_lock.reg Some content of TEMP: ==================== C:\Users\Thomas\AppData\Local\Temp\ntdll_dump.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-28 02:57 ==================== End Of Log ============================

premeemtively , here is my roguekiller report: RogueKiller V8.8.10 _x64_ [Feb 28 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Thomas [Admin rights] Mode : Scan -- Date : 03/08/2014 18:21:57 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 5 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : Best Buy pc app (C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x][x][x]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-3787918934-1339134289-2097263373-1000\[...]\Run : Best Buy pc app (C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x][x][x]) -> FOUND [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 1 ¤¤¤ [Default][sUSP PATH] Best Buy pc app.lnk : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk @C:\PROGRA~3\BESTBU~1\CLICKO~1.EXE "C:\ProgramData\Best Buy pc app\Best Buy pc app.application" [-][-][-] -> FOUND ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) ATA ST1000DM003-1CH1 SCSI Disk Device +++++ --- User --- [MBR] ad80ed00b4c47b41d5f55efbfa3e0655 [bSP] 3b0c2f399ea279faaf40021ada00e07a : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 31 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 64260 | Size: 11146 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 22892625 | Size: 942689 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_03082014_182157.txt >> RKreport[0]_S_03052014_182834.txt;RKreport[0]_S_03052014_183016.txt

Hi, I've tried to browse here and read a few but for whatever reason I haven't developed a clear sense of what is and what isn't a problem. I've been feeling strange issues with my browsers and even some frequent crashes of first chrome 2 weeks ago and then after switching , occasionally with firefox. There seems to be some flash or shockwave based issue but ... ... after being very careful the crashes haven't conitnued... ... but i start feeling the browsers getting slow.. and I've been shutting them down for good measure when they start acting up. ... additional info.. I like to keep open a few dozen tabs sometimes in addition to 5 or six applicactions.. steam games Word, (maybe 3 or 4 windows of it) a few file folders.. sometimes my task manager etc... sometimes adobe products but Ill usually close the games with those. ... I do run three monitors and primarily use my browser on my third monitor for reading and the other screens for working or playing on non browser applications. ... all of that worked great for 3 years on the same exact machine but started getting a bit squirrelly a month ago. It could be possible I put one security measure too many on .. but I would like to rule out the Malware issue and did dot the courtesy of paying for pro. And I appreciate that you are volunteers here and I'm grateful in advance for the work you do to help others. OK All that said ... here are two days of malware byte logs 2014/03/08 00:05:56 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 01:48:25 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 03:58:25 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 04:16:10 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 04:52:03 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 05:26:45 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 05:37:18 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.51 (Type: incoming, Port: 37017, Process: svchost.exe) 2014/03/08 05:47:26 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 07:08:02 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.51 (Type: incoming, Port: 9000, Process: svchost.exe) 2014/03/08 07:55:24 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 09:00:15 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 09:26:08 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 10:11:55 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 11:06:05 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 12:37:13 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.51 (Type: incoming, Port: 65192, Process: svchost.exe) 2014/03/08 13:49:56 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 14:25:21 -0800 THOMAS-PC Thomas IP-BLOCK 59.34.55.57 (Type: incoming, Port: 5000, Process: svchost.exe) 2014/03/08 14:51:39 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 15:10:45 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 15:42:17 -0800 THOMAS-PC Thomas MESSAGE Executing scheduled update: Daily 2014/03/08 15:42:25 -0800 THOMAS-PC Thomas MESSAGE Scheduled update executed successfully: database updated from version v2014.03.07.10 to version v2014.03.08.10 2014/03/08 15:42:25 -0800 THOMAS-PC Thomas MESSAGE Starting database refresh 2014/03/08 15:42:25 -0800 THOMAS-PC Thomas MESSAGE Stopping IP protection 2014/03/08 15:42:25 -0800 THOMAS-PC Thomas MESSAGE IP Protection stopped successfully 2014/03/08 15:42:28 -0800 THOMAS-PC Thomas MESSAGE Database refreshed successfully 2014/03/08 15:42:28 -0800 THOMAS-PC Thomas MESSAGE Starting IP protection 2014/03/08 15:42:29 -0800 THOMAS-PC Thomas MESSAGE IP Protection started successfully 2014/03/08 16:00:55 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.51 (Type: incoming, Port: 3801, Process: svchost.exe) 2014/03/08 16:28:19 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/08 18:15:51 -0800 THOMAS-PC Thomas MESSAGE Starting protection 2014/03/08 18:15:51 -0800 THOMAS-PC Thomas MESSAGE Protection started successfully 2014/03/08 18:15:51 -0800 THOMAS-PC Thomas MESSAGE Starting IP protection 2014/03/08 18:15:52 -0800 THOMAS-PC Thomas MESSAGE IP Protection started successfully 2014/03/07 00:01:57 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.51 (Type: incoming, Port: 1026, Process: svchost.exe) 2014/03/07 00:01:57 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.51 (Type: incoming, Port: 1026, Process: svchost.exe) 2014/03/07 00:24:46 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 00:56:00 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 01:22:50 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 01:46:03 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 02:21:58 -0800 THOMAS-PC (null) IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 09:00:46 -0800 THOMAS-PC Thomas MESSAGE Starting protection 2014/03/07 09:00:46 -0800 THOMAS-PC Thomas MESSAGE Protection started successfully 2014/03/07 09:00:46 -0800 THOMAS-PC Thomas MESSAGE Starting IP protection 2014/03/07 09:00:47 -0800 THOMAS-PC Thomas MESSAGE IP Protection started successfully 2014/03/07 09:21:17 -0800 THOMAS-PC Thomas IP-BLOCK 222.186.34.143 (Type: incoming, Port: 22, Process: svchost.exe) 2014/03/07 09:36:32 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 10:52:11 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 11:53:00 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 12:56:10 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 13:54:12 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 15:38:57 -0800 THOMAS-PC Thomas MESSAGE Executing scheduled update: Daily 2014/03/07 15:39:04 -0800 THOMAS-PC Thomas MESSAGE Scheduled update executed successfully: database updated from version v2014.03.06.10 to version v2014.03.07.10 2014/03/07 15:39:04 -0800 THOMAS-PC Thomas MESSAGE Starting database refresh 2014/03/07 15:39:04 -0800 THOMAS-PC Thomas MESSAGE Stopping IP protection 2014/03/07 15:39:04 -0800 THOMAS-PC Thomas MESSAGE IP Protection stopped successfully 2014/03/07 15:39:07 -0800 THOMAS-PC Thomas MESSAGE Database refreshed successfully 2014/03/07 15:39:07 -0800 THOMAS-PC Thomas MESSAGE Starting IP protection 2014/03/07 15:39:08 -0800 THOMAS-PC Thomas MESSAGE IP Protection started successfully 2014/03/07 16:43:57 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.51 (Type: incoming, Port: 9687, Process: svchost.exe) 2014/03/07 17:04:55 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 17:25:08 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 19:33:59 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 20:08:44 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 20:35:01 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe) 2014/03/07 21:31:21 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.51 (Type: incoming, Port: 12704, Process: svchost.exe) 2014/03/07 23:12:00 -0800 THOMAS-PC Thomas IP-BLOCK 93.174.93.67 (Type: incoming, Port: 21320, Process: svchost.exe)