Hi Kevin, thank you for replying! I was infected on both my laptop and desktop from over the summer. I have ran process explorer to check which processes have been verified and I do have some that are running under Microsoft Corporation with unverified signatures (AKA Not gonna happen but you know that). I for sure still have the virus on my laptop but I wanted to confirm that it was completely gone from my desktop. It has been up and running now for some time but I believe the hacker is doing it's work remotely. Are there other tools we could run to make sure my network is safe and that I'm not compromised? Here are some recent logs from farbar. My first logs weren't ran in administrative mode (I'm a damn idiot please forgive me):
FRST.txt
Addition.txt
Also here are some processes I have been investigating via Process Explorer that have some weird strings in their memory (The parenthesis in the text file name is the PID it was used for)
These two and a few others have peaked my interest in what the heck they're doing:
SearchProtocolHost.exe(1540).txt
SkypeHost.exe(10312).txt