Thanks so much for your help

dmkeng · December 10, 2013

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2
Run by David Kramer at 22:08:37 on 2013-12-09
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16361.12562 [GMT -8:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
C:\MentorGraphics\9.1PADS\SDD_HOME\iCDB\win32\bin\iCDBNetLauncher.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\David Kramer\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Users\David Kramer\AppData\Local\Smartbar\Application\QuickShare.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
C:\Users\David Kramer\AppData\Roaming\VERIZON\UA_ar\UA.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Microsoft Games\hearts\hearts.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uURLSearchHooks: Connect DLCS Toolbar: {aad50c91-b136-49d9-8b30-0e8d3ead63d0} - C:\Program Files (x86)\Connect_DLCS\prxtbConn.dll
mURLSearchHooks: Connect DLCS Toolbar: {aad50c91-b136-49d9-8b30-0e8d3ead63d0} - C:\Program Files (x86)\Connect_DLCS\prxtbConn.dll
mWinlogon: Userinit = userinit.exe
BHO: {134DA043-566E-4572-82E6-8978D0ED03D8} - <orphaned>
BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll
BHO: Connect DLCS Toolbar: {aad50c91-b136-49d9-8b30-0e8d3ead63d0} - C:\Program Files (x86)\Connect_DLCS\prxtbConn.dll
BHO: DealPly Shopping: {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: GreatArcadeHits Add-on: {D0C21091-FF8E-432C-9006-0540E81BA9D7} - C:\Users\David Kramer\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Connect DLCS Toolbar: {AAD50C91-B136-49D9-8B30-0E8D3EAD63D0} - C:\Program Files (x86)\Connect_DLCS\prxtbConn.dll
TB: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll
TB: Connect DLCS Toolbar: {aad50c91-b136-49d9-8b30-0e8d3ead63d0} - C:\Program Files (x86)\Connect_DLCS\prxtbConn.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
uRun: [searchProtect] C:\Users\David Kramer\AppData\Roaming\SearchProtect\bin\cltmng.exe
uRun: [browser Infrastructure Helper] C:\Users\David Kramer\AppData\Local\Smartbar\Application\QuickShare.exe startup
uRun: [backgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\David Kramer\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [VMonitorVMUVC] "C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe" VMUVC
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
mRun: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
StartupFolder: C:\Users\DAVIDK~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERIZO~1.LNK - C:\Users\David Kramer\AppData\Roaming\VERIZON\UA_ar\UA.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: C:\Windows\System32\AdpeakProxy.dll
Trusted Zone: bankofamerica.com
Trusted Zone: localhost

TCP: NameServer = 192.168.0.1 192.168.0.2
TCP: Interfaces\{CE8EAF83-CDC6-4BFE-AAE5-F5DF75908BB0} : DHCPNameServer = 192.168.0.1 192.168.0.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [ATIModeChange] Ati2mdxx.exe
x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-11-13 09:24; {aad50c91-b136-49d9-8b30-0e8d3ead63d0}; C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\extensions\{aad50c91-b136-49d9-8b30-0e8d3ead63d0}
FF - ExtSQL: 2013-11-13 09:24; {906000a4-88d9-4d52-b209-7a772970d91f}; C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R0 firedrv;Generic OHCILynx-1394 (intek);C:\Windows\System32\drivers\firedrv.sys [2013-7-29 136096]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2010-11-21 24880]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-11-21 303408]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-27 46368]
R2 AdpeakProxy;AdpeakProxy;C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe [2013-10-16 3688448]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2012-5-4 65024]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-2-2 202752]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-9-22 220960]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-20 13592]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-4-20 133800]
R2 Level Quality Watcher;Level Quality Watcher;C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010000000000000000000000000 sourceguid=F5D333A8-C748-4686-AE0A-9E008F670C22 --> C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010000000000000000000000000 sourceguid=F5D333A8-C748-4686-AE0A-9E008F670C22 [?]
R2 MGC.SDD.RSCM.2007.8;Remote Server Configuration Manager 2007.8;C:\MentorGraphics\9.1PADS\SDD_HOME\iCDB\win32\bin\iCDBNetLauncher.exe [2012-4-25 1445888]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-8-19 1248256]
R2 Sentinel64;Sentinel64;C:\Windows\System32\drivers\sentinel64.sys [2012-9-10 145448]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-1-22 5071712]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-8 1771544]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-10-27 38248]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-9-26 266240]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-10-27 279152]
R3 PGRGIGE;PointGrey Image Filter Driver;C:\Windows\System32\drivers\PGRGIGE.sys [2013-8-7 42496]
R3 PGRUSB;PGR USB 3 Extensible Host Controller;C:\Windows\System32\drivers\PGRXHCI.sys [2011-11-30 148480]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;C:\Windows\System32\drivers\SNTUSB64.SYS [2008-7-11 58664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 dealplylive;DealPly Live Service (dealplylive);C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-11-13 148000]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2010-10-27 55336]
S3 dealplylivem;DealPly Live Service (dealplylivem);C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-11-13 148000]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-11 111616]
S3 MCHPUSB;MCHPUSB;C:\Windows\System32\drivers\mchpusb64.sys [2008-5-12 64512]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-9 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-9 181248]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2013-2-18 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2013-2-18 71680]
S3 sonydcam;Generic 1394 Desktop Camera;C:\Windows\System32\drivers\sonydcam.sys [2009-7-13 33792]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsb2;Driver for TellerScan Device;C:\Windows\System32\drivers\TsUsb2.sys [2013-1-18 53760]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 VMUVC;Vimicro Camera Service VMUVC;C:\Windows\System32\drivers\vmuvc.sys [2012-12-17 198400]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC;C:\Windows\System32\drivers\vvftUVC.sys [2012-12-17 303616]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-25 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\NOTEPAD.EXE "%1"
.
=============== Created Last 30 ================
.
2013-12-09 16:57:01   --------   d-----w-   C:\Users\David Kramer\AppData\Local\SearchProtect
2013-11-14 17:50:32   439296   ----a-w-   C:\Windows\System32\AdpeakProxy64.dll
2013-11-14 17:50:20   338944   ----a-w-   C:\Windows\SysWow64\AdpeakProxy.dll
2013-11-14 17:50:12   --------   d-----w-   C:\Program Files\ScorpionSaver Services
2013-11-13 17:11:18   1474048   ----a-w-   C:\Windows\System32\crypt32.dll
2013-11-13 17:11:18   1168384   ----a-w-   C:\Windows\SysWow64\crypt32.dll
2013-11-13 17:09:44   404480   ----a-w-   C:\Windows\System32\gdi32.dll
2013-11-13 17:09:44   311808   ----a-w-   C:\Windows\SysWow64\gdi32.dll
2013-11-13 17:09:40   859648   ----a-w-   C:\Windows\System32\IKEEXT.DLL
2013-11-13 17:09:40   830464   ----a-w-   C:\Windows\System32\nshwfp.dll
2013-11-13 17:09:40   656896   ----a-w-   C:\Windows\SysWow64\nshwfp.dll
2013-11-13 17:09:40   324096   ----a-w-   C:\Windows\System32\FWPUCLNT.DLL
2013-11-13 17:09:40   216576   ----a-w-   C:\Windows\SysWow64\FWPUCLNT.DLL
2013-11-13 17:07:25   57344   ----a-r-   C:\Users\David Kramer\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut11_98798AFA4B0B41FAA9B8FF8835A64952.exe
2013-11-13 17:07:25   57344   ----a-r-   C:\Users\David Kramer\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\NewShortcut1_3F3768693B314C7692F69858832BE52C.exe
2013-11-13 17:07:25   53248   ----a-r-   C:\Users\David Kramer\AppData\Roaming\Microsoft\Installer\{2E6FA5CA-1597-4219-AF62-D9B061E7C448}\ARPPRODUCTICON.exe
.
==================== Find3M ====================
.
2013-11-13 17:53:51   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-13 17:53:51   692616   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-11 06:06:45   46368   ----a-w-   C:\Windows\System32\drivers\avgtpx64.sys
2013-11-06 05:55:48   150808   ----a-w-   C:\Windows\System32\drivers\avgdiska.sys
2013-11-05 05:52:42   240920   ----a-w-   C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-01 07:00:18   212280   ----a-w-   C:\Windows\System32\drivers\avgldx64.sys
2013-11-01 06:49:46   294712   ----a-w-   C:\Windows\System32\drivers\avgloga.sys
2013-10-25 06:25:58   194872   ----a-w-   C:\Windows\System32\drivers\avgidsha.sys
2013-10-08 14:51:05   873384   ----a-w-   C:\Windows\SysWow64\npDeployJava1.dll
2013-10-08 14:51:00   796072   ----a-w-   C:\Windows\SysWow64\deployJava1.dll
2013-10-08 14:50:37   96168   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-04 02:28:31   190464   ----a-w-   C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17   197120   ----a-w-   C:\Windows\System32\credui.dll
2013-10-04 02:24:49   1930752   ----a-w-   C:\Windows\System32\authui.dll
2013-10-04 01:58:50   152576   ----a-w-   C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25   168960   ----a-w-   C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00   1796096   ----a-w-   C:\Windows\SysWow64\authui.dll
2013-10-01 08:52:08   123704   ----a-w-   C:\Windows\System32\drivers\avgmfx64.sys
2013-09-28 01:09:10   497152   ----a-w-   C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40   95680   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40   154560   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33   28672   ----a-w-   C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33   135680   ----a-w-   C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01   28160   ----a-w-   C:\Windows\System32\secur32.dll
2013-09-25 02:22:59   340992   ----a-w-   C:\Windows\System32\schannel.dll
2013-09-25 02:21:50   307200   ----a-w-   C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07   1447936   ----a-w-   C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24   247808   ----a-w-   C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42   220160   ----a-w-   C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24   30720   ----a-w-   C:\Windows\System32\lsass.exe
2013-09-11 16:51:21   108968   ----a-w-   C:\Windows\System32\WindowsAccessBridge-64.dll
2013-09-11 16:51:20   973736   ----a-w-   C:\Windows\System32\deployJava1.dll
2013-09-11 16:51:20   1095080   ----a-w-   C:\Windows\System32\npDeployJava1.dll
2012-04-30 18:10:22   431888   ----a-r-   C:\Program Files (x86)\Common Files\riched20.dll
.
============= FINISH: 22:09:00.99 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/19/2012 7:14:57 PM
System Uptime: 12/9/2013 8:44:13 PM (2 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | P8P67 DELUXE
Processor: Intel® Core i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 931 GiB total, 397.422 GiB free.
D: is CDROM ()
K: is FIXED (NTFS) - 466 GiB total, 329.586 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP200: 12/3/2013 11:14:16 AM - Installed Silicon Labs 8-Bit IDE
RP201: 12/3/2013 11:16:17 AM - Installed Silicon Labs Configuration Wizard 2
RP202: 12/3/2013 11:17:27 AM - Installed Silicon Labs FLASH Programming Utilities
RP203: 12/3/2013 11:18:35 AM - Installed Silicon Labs ToolStick Development Tools
.
==== Installed Programs ======================
.
8-bit Microcontroller Studio Tools
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
Adobe Shockwave Player 11.6
Altium Designer
AMD DnD V1.0.19
AnswerWorks Runtime
Anti-phishing Domain Advisor
Apple Application Support
Apple Software Update
ASUS E-Green Uninstall
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
AVG 2014
AVG Security Toolbar
AVT FirePackage
blekko search bar
Bluetooth Win7 Suite (64)
Brother MFL-Pro Suite DCP-8110DN
Carbonite
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Connect DLCS Toolbar for IE
Crystal Reports for Visual Studio
Dealply
DealPly (remove only)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Digital microscope
Dotfuscator Software Services - Community Edition
DVDFab 8.2.2.6 (25/12/2012) Qt
DWGeditor
E-Hammer
eDrawings 2007
ExamDiff 1.9 (Build 1.9.0.2)
Extended Asian Language font pack for Adobe Reader XI
Eyegaze Edge Development Software
FileHippo.com Update Checker
FileZilla Client 3.7.3
FlyCap2 Viewer 2.5 Release 4 (x64)
FlyCapture 2.2 Release 14 (x64)
Free Download Manager 3.9.2
GC-Prevue
Google Earth Plug-in
Google Update Helper
GreatArcadeHits
HandBrake 0.9.8
HiJackThis
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182)
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2890573)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2736182)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2890573)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
HydraVision
IAR Embedded Workbench for 8051
IDE
Intel® Network Connections 15.6.25.0
Intel® Rapid Storage Technology
IrfanView (remove only)
Java 7 Update 40 (64-bit)
Java 7 Update 45
Java Auto Updater
JetMP3
JMicron JMB36X Driver
Keil µVision4
LTspice IV
Malwarebytes Anti-Malware version 1.75.0.1300
marvell 91xx driver
Mechanical Desktop 5
Mechanical Desktop 6
Mentor Graphics CAMCAD Runtime install
Mentor Graphics Products
MGC Visual Studio 7 Runtime
MicroCapture 2.0
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Help Viewer 1.1
Microsoft IntelliPoint 8.2
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual C++ Compilers 2010 Standard - enu - x64
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Professional - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio Macro Tools
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
MPLAB C for PIC18 MCUs
MPLAB Tools v8.86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MyFreeCodec
MyTomTom 3.2.0.802
Nero 10 Movie ThemePack Basic
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero MediaHub 10
Nero MediaHub 10 Help (CHM)
Nero Multimedia Suite 10 Essentials
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
OpenOffice.org 3.4
OpenProj
Orcad Family Release 9.2 Standalone
OyOyOy -- The Sequel
PicoScope 6
PrimoPDF -- brought to you by Nitro PDF Software
QuickBooks
QuickBooks Pro 2012
QuickShare
QuickTime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Samsung Kies
Samsung Kies3
Samsung Story Album Viewer
SAMSUNG USB Driver for Mobile Phones
ScorpionSaver Services
SDCC
Search Protect by conduit
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Sentinel System Driver Installer 7.5.0
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)
Silicon Laboratories Configuration Wizard 2
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
Silicon Laboratories FLASH Programming Utilities
Silicon Laboratories ToolStick Development Tools
Silicon Labs 8-Bit IDE_2 (c:\SiLabs\MCU_2)
Silicon Labs 8-Bit IDE_3 (c:\SiLabs\MCU_3)
Silicon Labs C8051Fxxx uVision Driver
Silicon Labs Configuration Wizard 2_3 (c:\SiLabs\MCU_2_3)
Silicon Labs Configuration Wizard 2_4 (c:\SiLabs\MCU_3_4)
Silicon Labs FLASH Programming Utilities_4 (C:\SiLabs\MCU_2_3_4)
Silicon Labs FLASH Programming Utilities_5 (C:\SiLabs\MCU_3_4_5)
Silicon Labs ToolStick Development Tools_5 (c:\SiLabs\MCU_2_3_4_5)
Silicon Labs ToolStick Development Tools_6 (c:\SiLabs\MCU_3_4_5_6)
SolidWorks 2007 SP0
SolidWorks eDrawings 2012
SolidWorks eDrawings 2013 x64
SolidWorks Explorer 2007 sp0
SolidWorks Installation Manager
Sql Server Customer Experience Improvement Program
SUABnR
swMSM
TeamViewer 8
TrueCrypt
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Verizon Wireless Software Upgrade Assistant - Samsung(ar)
Verizon Wireless Software Utility Application for Android - Samsung
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Visual Studio C++ 10.0 Runtime
VLC media player 2.1.1
Volo View Express
WCF RIA Services V1.0 SP1
Web Deployment Tool
Windows Driver Package - Android-Sync.com (WinUSB) AndroidUsbDeviceClass (05/01/2013 13.0.0501.00000)
Windows Driver Package - Digital Check Corporation (TsUsb2) USB (04/01/2010 2.0.0.0)
Windows Driver Package - LG Electronics Inc (ANDModem) Modem (11/30/2010 2.2.0.0)
Windows Driver Package - LG Electronics Inc. (Andbus) USB (11/30/2010 2.2.0.0)
Windows Driver Package - LG Electronics Inc. (AndDiag) Ports (11/30/2010 2.2.0.0)
Windows Driver Package - LG Electronics Inc. (AndGps) Ports (11/30/2010 2.2.0.0)
Windows Driver Package - LG Electronics, Inc. (andnetndis) Net (03/07/2012 3.7.0.0)
Windows Driver Package - LG Electronics, Inc. Net (03/07/2012 3.7.0.0)
Windows Driver Package - LG Electronics, Inc. WPD (03/07/2012 3.7.0.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (03/25/2013 2.9.508.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssadbus) USB (11/30/2012 5.30.14.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssadmdm) Modem (11/30/2012 5.30.14.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssadserd) Ports (11/30/2012 5.30.14.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssaebus) USB (02/05/2010 5.14.0.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssaemdm) Modem (02/05/2010 5.14.0.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssaend5) Net (02/05/2010 5.14.0.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssaeunic) USB (02/05/2010 5.14.0.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscdbus) USB (11/30/2012 5.30.14.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscdmdm) Modem (11/30/2012 5.30.14.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscdserd) Ports (11/30/2012 5.30.14.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscebus) USB (11/30/2012 5.30.14.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscemdm) Modem (11/30/2012 5.30.14.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssceserd) Ports (11/30/2012 5.30.14.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssuddmgr) Ports (03/25/2013 2.9.508.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (03/25/2013 2.9.508.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudobex) Ports (03/25/2013 2.9.508.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudserd) Ports (03/25/2013 2.9.508.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. Net (03/25/2013 2.9.508.0)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. Net (05/13/2011 5.28.2.1)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. WPD (03/25/2013 2.9.508.0)
Windows Driver Package - Silicon Laboratories (silabenm) Ports (12/10/2012 6.6.1.0)
WinZip 12.0
.
==== Event Viewer Messages From Past Week ========
.
12/9/2013 2:59:50 PM, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 252.
12/9/2013 11:29:38 AM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
12/8/2013 9:53:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.
12/8/2013 9:53:09 PM, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

dmkeng · December 10, 2013

I should have mentioned that I am getting redirected to un-asked for web pages and many web sites have double underlined text with strange links. I'm using Mozilla Firefox 25.0.1 and AVG anti-virus. Thanks for your help.

MrCharlie · December 10, 2013

Welcome to the forum.

Please uninstall these from your add/remove programs if you can:
blekko search bar
Dealply
DealPly (remove only)
GreatArcadeHits
ScorpionSaver Services
Search Protect by conduit

Then........

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
When it's done you'll see: Pending: Please uncheck elements you don't want removed.
Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
Look over the log especially under Files/Folders for any program you want to save.
If there's a program you may want to save, just uncheck it from AdwCleaner.
If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
If you're ready to clean it all up.....click the Clean button.
After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
To restore an item that has been deleted:
Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Next........

Clean out temp files by using disk cleanup or.........

Download, install and run CCleaner free to clean out temp files.
Here's a Tutorial if needed.
You may want to uncheck "cookies" and please stay away from the registry cleaner.

Last......

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
MrC

dmkeng · December 11, 2013

I've done everything that was asked. Here are the results. Please tell me what if anything I need to do next. Thank you again for all your help.

# AdwCleaner v3.015 - Report created 11/12/2013 at 10:05:58
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : David Kramer - DMK-I7
# Running from : C:\Users\Public\Downloads\Malware Bytes\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Level Quality Watcher

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
[x] Not Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\DealPlyLive
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[x] Not Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\DealPlyLive
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\ScorpionSaver
Folder Deleted : C:\Program Files (x86)\Connect_DLCS
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\DAVIDK~1\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\DAVIDK~1\AppData\Local\Temp\CT3153924
Folder Deleted : C:\Users\David Kramer\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\David Kramer\AppData\Local\Conduit
Folder Deleted : C:\Users\David Kramer\AppData\Local\DealPlyLive
Folder Deleted : C:\Users\David Kramer\AppData\Local\Searchprotect
Folder Deleted : C:\Users\David Kramer\AppData\Local\Smartbar
[x] Not Deleted : C:\Users\David Kramer\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\David Kramer\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\David Kramer\AppData\LocalLow\Connect_DLCS
Folder Deleted : C:\Users\David Kramer\AppData\Roaming\DealPly
Folder Deleted : C:\Users\David Kramer\Documents\optimizer pro
[x] Not Deleted : C:\Users\Debug\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Debug\AppData\Local\Searchprotect
[x] Not Deleted : C:\Users\Debug\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Debug\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\CT3153924
Folder Deleted : C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\Extensions\{aad50c91-b136-49d9-8b30-0e8d3ead63d0}
Folder Deleted : C:\Users\David Kramer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\Tasks\Dealply.job
File Deleted : C:\Windows\System32\Tasks\Dealply

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [browser Infrastructure Helper]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3153924
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E49F0B41-3322-11D4-AEFE-00C04F61025C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AAD50C91-B136-49D9-8B30-0E8D3EAD63D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC73A488-162B-4000-942F-9D641AAB8C98}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAD50C91-B136-49D9-8B30-0E8D3EAD63D0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAD50C91-B136-49D9-8B30-0E8D3EAD63D0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AAD50C91-B136-49D9-8B30-0E8D3EAD63D0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FC73A488-162B-4000-942F-9D641AAB8C98}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD0C478B-1181-43D3-BEBF-14D8A7DCEB6D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A750CD4-3C89-4278-8AE7-762F7DCAADE0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AAD50C91-B136-49D9-8B30-0E8D3EAD63D0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{AAD50C91-B136-49D9-8B30-0E8D3EAD63D0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{AAD50C91-B136-49D9-8B30-0E8D3EAD63D0}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{AAD50C91-B136-49D9-8B30-0E8D3EAD63D0}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Adpeak, Inc.
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DealPlyLive
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Scorpion Saver
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Connect_DLCS
Key Deleted : HKLM\Software\Adpeak, Inc.
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DealPlyLive
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\Connect_DLCS
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6E810AB6-F34E-49A3-A93F-9E503660F718}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\prefs.js ]

Line Deleted : user_pref("CT3153924.FF19Solved", "true");
Line Deleted : user_pref("CT3153924.UserID", "UN11939037343032728");
Line Deleted : user_pref("CT3153924.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3153924.fullUserID", "UN11939037343032728.IN.20131113092412");
Line Deleted : user_pref("CT3153924.installDate", "13/11/2013 09:24:13");
Line Deleted : user_pref("CT3153924.installSessionId", "{79F1B5A6-1C42-46FF-895F-4A7AE3926932}");
Line Deleted : user_pref("CT3153924.installSp", "TRUE");
Line Deleted : user_pref("CT3153924.installerVersion", "1.7.1.7");
Line Deleted : user_pref("CT3153924.keyword", "true");

Line Deleted : user_pref("CT3153924.originalSearchEngine", "Google");
Line Deleted : user_pref("CT3153924.originalSearchEngineName", "");
Line Deleted : user_pref("CT3153924.searchRevert", "false");
Line Deleted : user_pref("CT3153924.searchUserMode", "2");
Line Deleted : user_pref("CT3153924.smartbar.homepage", "true");
Line Deleted : user_pref("CT3153924.versionFromInstaller", "10.22.3.18");
Line Deleted : user_pref("CT3153924.xpeMode", "0");

Line Deleted : user_pref("browser.search.defaultthis.engineName", "Connect DLCS Customized Web Search");

Line Deleted : user_pref("browser.search.order.1", "Blekko");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", false);
Line Deleted : user_pref("extensions.helperbar.countryiso", "us");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "ob_128");
Line Deleted : user_pref("extensions.helperbar.installationid", "a97f09d0-96c5-4459-c35f-c65d62da4227");
Line Deleted : user_pref("extensions.helperbar.installdate", "13/11/2013");
Line Deleted : user_pref("extensions.helperbar.publisher", "quickobrw");

Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3153924");

Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3153924");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3153924");
Line Deleted : user_pref("smartbar.machineId", "YIJXIALFIN4L0LFXNLHVG/K/C5KIEPRX+BWSR+PADW2L7SQSVPLX5SNYGDN7TR0JVWJTND+S5ZR7ZLQASTKJXQ");

[ File : C:\Users\Debug\AppData\Roaming\Mozilla\Firefox\Profiles\u7blnn5n.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [21081 octets] - [11/12/2013 10:03:07]
AdwCleaner[s0].txt - [20668 octets] - [11/12/2013 10:05:58]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [20729 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.11.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
David Kramer :: DMK-I7 [administrator]

12/11/2013 10:14:00 AM
mbam-log-2013-12-11 (10-14-00).txt

Scan type: Full scan (C:\|K:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 850520
Time elapsed: 1 hour(s), 56 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 8
HKCR\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0C21091-FF8E-432C-9006-0540E81BA9D7} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
HKCR\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCR\Wow6432Node\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\ScorpionSaver (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 54
C:\$Recycle.Bin\S-1-5-21-99751838-2406613000-1988356389-1001\$RP1H6W8.zip (Trojan.Zbot.AI) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-99751838-2406613000-1988356389-1001\$RU81WBA.zip (Trojan.FakeVPC) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-99751838-2406613000-1988356389-1001\$RZ9SJ61.zip (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Connect_DLCS\Connect_DLCSToolbarHelper.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScorpionSaver\CustomActionInstall.vir (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScorpionSaver\CustomActionUninstall.vir (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScorpionSaver\IECore.dll.vir (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\David Kramer\AppData\Local\Conduit\CT3153924\Connect_DLCSAutoUpdateHelper.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\David Kramer\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\David Kramer\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\DAVIDK~1\AppData\Local\Temp\CT3153924\ctbe.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\DAVIDK~1\AppData\Local\Temp\CT3153924\ffLogic.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\DAVIDK~1\AppData\Local\Temp\CT3153924\ieLogic.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\DAVIDK~1\AppData\Local\Temp\CT3153924\spff.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\DAVIDK~1\AppData\Local\Temp\CT3153924\statisticsStub.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\DAVIDK~1\AppData\Local\Temp\CT3153924\stub.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\ChromeModule.dll.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\cltmng.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\CltMngSvc.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\FirefoxModule.dll.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\InternetExplorerModule.dll.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\SPHook32.dll.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\SPHook64.dll.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\SPRunner.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\SPTool64.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Users\Debug\AppData\Roaming\Searchprotect\bin\uninstall.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APAED1CS\Connect_DLCS[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KPYQYRN8\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KPYQYRN8\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEIT3A7N\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEIT3A7N\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEIT3A7N\connect_dlcs[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Temp\nse2310.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Temp\nse4137.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Temp\nse4C80.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Temp\nsmDCAB.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Temp\nsoA4F.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Temp\QS\Installer.exe (PUP.Optional.Linkury.A) -> Quarantined and deleted successfully.
C:\Users\David Kramer\Downloads\PrimoPDF\InternationalPrimoPDF.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Debug\AppData\Local\Temp\AU\AutoUpdate.zip (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Debug\AppData\Local\Temp\AU\SPUpdater.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Public\Downloads\Norton\Support-LogMeInRescue.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Public\Downloads\Primo PDF\InternationalPrimoPDF.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Windows\Installer\15d6f.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\Installer\171930.msi (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Windows\System32\AdpeakProxy.dll (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\AdpeakProxy.dll (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\David Kramer\AppData\Local\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\Windows\Temp\AdpeakProxy.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
C:\Windows\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.

(end)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2013
Ran by David Kramer (administrator) on DMK-I7 on 11-12-2013 13:06:11
Running from C:\Users\Public\Downloads\Malware Bytes
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Mentor Graphics Corporation) C:\MentorGraphics\9.1PADS\SDD_HOME\iCDB\win32\bin\iCDBNetLauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
(SAMSUNG Electornics Co., Ltd.) C:\Users\David Kramer\AppData\Roaming\VERIZON\UA_ar\UA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Vimicro Corporation) C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [ATIModeChange] - Ati2mdxx.exe
HKLM\...\Run: [intelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-10-27] (Samsung)
MountPoints2: {73ba4c67-cec6-11e2-929c-0026832ea7de} - E:\VZW_Software_upgrade_assistant.exe
MountPoints2: {73ba4c83-cec6-11e2-929c-0026832ea7de} - E:\VZW_Software_upgrade_assistant_installer.exe
MountPoints2: {ab9b8bcb-40ad-11e3-b359-0026832ea7de} - E:\VZW_Software_upgrade_assistant.exe
MountPoints2: {feaaaf4e-cf79-11e2-9a66-0026832ea7de} - E:\VZW_Software_upgrade_assistant_installer.exe
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-18] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2829624 2013-11-08] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VMonitorVMUVC] - C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe [135168 2008-03-26] (Vimicro Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-10-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-07-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Carbonite Backup] - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)
HKU\Debug\...\Run: [searchProtect] - C:\Users\Debug\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\user\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-06-02] (AVG Secure Search)
HKU\user\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] - C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe [1266712 2013-06-08] (AVG Secure Search)
Startup: C:\Users\David Kramer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\David Kramer\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3E60485EE7ABCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKCU - {BB860C67-93B4-4F7B-9D05-65E3E764A7DE} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3153924&CUI=UN42993919519098247&UM=2
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {134DA043-566E-4572-82E6-8978D0ED03D8} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Free Download Manager plugin - C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: ScorpionSaver - C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\Extensions\ScorpionSaver@jetpack
FF Extension: noscript - C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 MGC.SDD.RSCM.2007.8; C:\MentorGraphics\9.1PADS\SDD_HOME\iCDB\win32\bin\iCDBNetLauncher.exe [1445888 2009-12-16] (Mentor Graphics Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
S2 vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-10] (AVG Technologies)
R0 firedrv; C:\Windows\System32\DRIVERS\firedrv.sys [136096 2010-10-28] (intek (Darmstadt))
S3 MCHPUSB; C:\Windows\System32\DRIVERS\mchpusb64.sys [64512 2008-05-12] (Microchip Technology, Inc.)
R3 PGRGIGE; C:\Windows\System32\DRIVERS\PGRGIGE.sys [42496 2013-08-07] (Point Grey Research)
R3 PGRUSB; C:\Windows\System32\DRIVERS\PGRXHCI.sys [148480 2011-11-30] (Point Grey Research)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [58664 2008-07-11] (SafeNet, Inc.)
S3 TsUsb2; C:\Windows\System32\Drivers\TSUSB2.sys [53760 2010-05-20] (HTL)
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [198400 2009-03-11] (Vimicro Corporation)
S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-11 13:05 - 2013-12-11 13:05 - 00000000 ____D C:\FRST
2013-12-11 12:50 - 2013-12-11 12:50 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-11 12:50 - 2013-12-11 12:50 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-11 12:50 - 2013-12-11 12:50 - 00000000 ____D C:\Program Files\CCleaner
2013-12-11 10:09 - 2013-12-11 10:09 - 00000000 ___RD C:\Users\David Kramer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-11 10:03 - 2013-12-11 10:06 - 00000000 ____D C:\AdwCleaner
2013-12-10 17:22 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-10 17:22 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-10 17:22 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-10 17:22 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-10 17:21 - 2013-11-26 03:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 17:21 - 2013-11-26 02:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-10 17:21 - 2013-11-26 02:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 17:21 - 2013-11-26 02:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-10 17:21 - 2013-11-26 01:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-10 17:21 - 2013-11-26 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-10 17:21 - 2013-11-26 01:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 17:21 - 2013-11-26 01:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-10 17:21 - 2013-11-26 01:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-10 17:21 - 2013-11-26 01:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-10 17:21 - 2013-11-26 01:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-10 17:21 - 2013-11-26 01:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-10 17:21 - 2013-11-26 01:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-10 17:21 - 2013-11-26 01:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-10 17:21 - 2013-11-26 00:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 17:21 - 2013-11-26 00:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-10 17:21 - 2013-11-26 00:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-10 17:21 - 2013-11-26 00:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 17:21 - 2013-11-26 00:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-10 17:21 - 2013-11-26 00:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-10 17:21 - 2013-11-26 00:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-10 17:21 - 2013-11-26 00:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 17:21 - 2013-11-25 23:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 17:21 - 2013-11-25 23:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-10 17:21 - 2013-11-25 23:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-10 17:21 - 2013-11-25 23:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 17:21 - 2013-11-25 22:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 17:21 - 2013-11-25 22:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 17:21 - 2013-11-25 22:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-10 17:21 - 2013-11-25 22:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-10 17:21 - 2013-11-25 22:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-10 16:58 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-10 16:58 - 2013-11-23 09:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 16:58 - 2013-11-11 18:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-10 16:58 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-10 16:58 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-10 16:58 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-10 16:58 - 2013-10-29 17:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-10 16:58 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 16:58 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-10 16:58 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 16:58 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 16:58 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-10 16:58 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 16:58 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 16:58 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-10 16:58 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-10 16:58 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-10 16:58 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 16:58 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-09 22:09 - 2013-12-09 22:09 - 00029394 _____ C:\Users\David Kramer\Desktop\dds.txt
2013-12-09 22:09 - 2013-12-09 22:09 - 00019275 _____ C:\Users\David Kramer\Desktop\attach.txt
2013-12-09 13:28 - 2013-12-09 13:41 - 00000000 ____D C:\Users\Debug\AppData\Local\Microsoft Games
2013-12-09 11:35 - 2013-12-09 11:35 - 00000000 ___RD C:\Users\Debug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-03 11:14 - 2013-12-03 11:14 - 00000467 _____ C:\Users\David Kramer\Desktop\Silicon Labs IDE.lnk
2013-11-27 08:38 - 2013-11-27 08:38 - 00140319 _____ C:\Users\David Kramer\Desktop\FIRM Source.zip
2013-11-19 10:31 - 2013-11-19 10:31 - 00000972 _____ C:\Users\David Kramer\Desktop\PADS CAM.lnk
2013-11-16 21:55 - 2013-11-16 21:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 09:50 - 2013-10-16 10:18 - 00439296 _____ (Adpeak, Inc.) C:\Windows\system32\AdpeakProxy64.dll
2013-11-13 09:24 - 2013-11-13 09:24 - 00000000 ____D C:\Users\David Kramer\Downloads\ESAMediaPlayerDemozip
2013-11-13 09:11 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 09:11 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 09:10 - 2013-10-03 18:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 09:10 - 2013-10-03 18:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 09:10 - 2013-10-03 18:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 09:10 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 09:10 - 2013-10-03 17:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 09:10 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 09:10 - 2013-09-27 17:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 09:10 - 2013-09-24 18:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 09:10 - 2013-09-24 18:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 09:10 - 2013-09-24 18:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 09:10 - 2013-09-24 18:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 09:10 - 2013-09-24 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 09:10 - 2013-09-24 18:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 09:10 - 2013-09-24 18:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 09:10 - 2013-09-24 18:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 09:10 - 2013-09-24 17:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 09:10 - 2013-09-24 17:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 09:10 - 2013-09-24 17:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 09:10 - 2013-09-24 17:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 09:10 - 2013-09-24 17:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 09:10 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 09:09 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 09:09 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 09:09 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 09:09 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 09:09 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 09:09 - 2013-10-02 18:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 09:09 - 2013-10-02 18:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 09:07 - 2013-11-13 09:07 - 00000000 ____D C:\Users\David Kramer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon
2013-11-11 23:12 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-11 23:10 - 2013-11-11 23:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-11 23:10 - 2013-11-11 23:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-11 23:10 - 2013-11-11 23:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-11 23:10 - 2013-11-11 23:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-11 23:10 - 2013-11-11 23:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-11 23:10 - 2013-11-11 23:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-11 23:10 - 2013-11-11 23:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2013-12-11 13:06 - 2012-06-03 22:44 - 00000000 ____D C:\Users\Public\Downloads\Malware Bytes
2013-12-11 13:05 - 2013-12-11 13:05 - 00000000 ____D C:\FRST
2013-12-11 13:01 - 2012-07-30 21:42 - 00000000 ____D C:\Users\David Kramer\AppData\Roaming\Free Download Manager
2013-12-11 13:01 - 2012-06-18 16:45 - 00000000 ____D C:\Users\David Kramer\AppData\Roaming\FileZilla
2013-12-11 13:01 - 2012-04-25 15:50 - 00000000 ____D C:\Users\David Kramer\AppData\Local\CrashDumps
2013-12-11 13:00 - 2012-04-25 12:06 - 00000000 ____D C:\Windows\Minidump
2013-12-11 13:00 - 2012-04-20 10:02 - 00000000 ____D C:\Windows\Panther
2013-12-11 12:50 - 2013-12-11 12:50 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-11 12:50 - 2013-12-11 12:50 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-11 12:50 - 2013-12-11 12:50 - 00000000 ____D C:\Program Files\CCleaner
2013-12-11 12:42 - 2013-05-22 17:54 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-11 12:30 - 2012-04-19 18:14 - 01746996 ____N C:\Windows\WindowsUpdate.log
2013-12-11 12:12 - 2012-06-03 22:48 - 00000000 ____D C:\Users\Public\Downloads\Primo PDF
2013-12-11 12:12 - 2012-06-03 22:47 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-12-11 12:12 - 2012-06-01 09:33 - 00000000 ____D C:\Users\David Kramer\Downloads\PrimoPDF
2013-12-11 10:16 - 2009-07-13 20:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-11 10:16 - 2009-07-13 20:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-11 10:15 - 2009-07-13 21:13 - 00876418 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-11 10:09 - 2013-12-11 10:09 - 00000000 ___RD C:\Users\David Kramer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-11 10:09 - 2013-06-08 08:34 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2013-12-11 10:09 - 2013-06-02 19:02 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-12-11 10:09 - 2013-05-22 17:54 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-11 10:09 - 2012-04-20 10:36 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2013-12-11 10:08 - 2012-04-25 16:02 - 00000000 ____D C:\PADS Projects
2013-12-11 10:08 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-11 10:06 - 2013-12-11 10:03 - 00000000 ____D C:\AdwCleaner
2013-12-11 10:00 - 2013-07-05 21:36 - 00000000 ____D C:\Users\David Kramer\AppData\Roaming\vlc
2013-12-11 09:59 - 2013-09-26 08:25 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-11 09:59 - 2012-06-03 22:56 - 00000000 ____D C:\Users\Public\Downloads\VLC Video LAN Player
2013-12-11 09:43 - 2012-06-03 17:44 - 00000000 ____D C:\Users\David Kramer\Documents\Outlook Files
2013-12-11 08:19 - 2012-04-25 12:36 - 00000000 ____D C:\ProgramData\MFAData
2013-12-11 08:15 - 2013-05-22 17:54 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-10 18:21 - 2012-04-25 16:41 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-12-10 18:21 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-12-10 17:29 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-10 17:28 - 2009-07-13 20:45 - 00557280 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-10 17:22 - 2012-04-25 14:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-09 22:09 - 2013-12-09 22:09 - 00029394 _____ C:\Users\David Kramer\Desktop\dds.txt
2013-12-09 22:09 - 2013-12-09 22:09 - 00019275 _____ C:\Users\David Kramer\Desktop\attach.txt
2013-12-09 13:42 - 2012-04-25 09:18 - 00000000 ____D C:\Users\David Kramer\Documents\Bluetooth Folder
2013-12-09 13:41 - 2013-12-09 13:28 - 00000000 ____D C:\Users\Debug\AppData\Local\Microsoft Games
2013-12-09 12:48 - 2013-08-04 11:23 - 00000000 ____D C:\Users\Debug\Documents\Config Files
2013-12-09 11:35 - 2013-12-09 11:35 - 00000000 ___RD C:\Users\Debug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-08 22:50 - 2012-06-01 09:35 - 00000000 ____D C:\Users\David Kramer\AppData\Roaming\PrimoPDF
2013-12-08 14:15 - 2013-05-21 15:31 - 00003728 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2013-12-08 14:15 - 2012-09-27 08:56 - 00000000 ____D C:\ProgramData\AVG Secure Search
2013-12-08 14:15 - 2012-09-27 08:56 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2013-12-05 22:29 - 2012-06-02 22:26 - 00000000 ____D C:\Users\Public\Clients
2013-12-05 14:15 - 2013-10-01 12:43 - 00000000 ____D C:\Users\Debug\AppData\Roaming\vlc
2013-12-04 22:08 - 2012-05-31 21:36 - 00000000 ____D C:\Users\Public\QB Backup
2013-12-03 14:37 - 2013-05-22 17:54 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 14:37 - 2013-05-22 17:54 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-03 11:22 - 2012-06-03 22:54 - 00000000 ____D C:\Users\Public\Downloads\SiLabs
2013-12-03 11:20 - 2013-07-23 13:55 - 00001481 _____ C:\Users\David Kramer\Desktop\Keil uVision4.LNK
2013-12-03 11:20 - 2013-07-23 13:55 - 00000000 ____D C:\Keil
2013-12-03 11:18 - 2013-02-18 14:02 - 00000000 ____D C:\SiLabs
2013-12-03 11:18 - 2012-04-20 09:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-03 11:17 - 2013-07-23 13:53 - 00002047 _____ C:\Users\Public\Desktop\Flash Programming Utility.lnk
2013-12-03 11:14 - 2013-12-03 11:14 - 00000467 _____ C:\Users\David Kramer\Desktop\Silicon Labs IDE.lnk
2013-11-27 08:38 - 2013-11-27 08:38 - 00140319 _____ C:\Users\David Kramer\Desktop\FIRM Source.zip
2013-11-26 09:22 - 2013-09-19 11:07 - 00000965 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-26 03:54 - 2013-12-10 17:21 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 02:19 - 2013-12-10 17:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 02:18 - 2013-12-10 17:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 02:11 - 2013-12-10 17:21 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 01:48 - 2013-12-10 17:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 01:46 - 2013-12-10 17:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 01:41 - 2013-12-10 17:21 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 01:29 - 2013-12-10 17:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 01:27 - 2013-12-10 17:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 01:23 - 2013-12-10 17:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 01:21 - 2013-12-10 17:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 01:18 - 2013-12-10 17:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 01:18 - 2013-12-10 17:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 01:16 - 2013-12-10 17:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 00:57 - 2013-12-10 17:21 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 00:38 - 2013-12-10 17:21 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 00:38 - 2013-12-10 17:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 00:35 - 2013-12-10 17:21 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 00:32 - 2013-12-10 17:21 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 00:28 - 2013-12-10 17:21 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 00:16 - 2013-12-10 17:21 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 00:02 - 2013-12-10 17:21 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-25 23:48 - 2013-12-10 17:21 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-25 23:32 - 2013-12-10 17:21 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-25 23:26 - 2013-12-10 17:21 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-25 23:07 - 2013-12-10 17:21 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-25 22:40 - 2013-12-10 17:21 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-25 22:34 - 2013-12-10 17:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-25 22:34 - 2013-12-10 17:21 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-25 22:33 - 2013-12-10 17:21 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-25 22:27 - 2013-12-10 17:21 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-24 22:55 - 2012-05-31 21:30 - 00000000 ____D C:\Users\Public\DMK Engineering Inc
2013-11-24 20:56 - 2012-05-31 21:24 - 00000090 _____ C:\Windows\QBChanUtil_Trigger.ini
2013-11-23 10:26 - 2013-12-10 16:58 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 09:47 - 2013-12-10 16:58 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-21 09:37 - 2012-06-06 15:35 - 00001999 _____ C:\Users\David Kramer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-11-21 09:37 - 2012-06-06 15:35 - 00001969 _____ C:\Users\David Kramer\Desktop\Update Checker.lnk
2013-11-21 09:37 - 2012-06-03 22:42 - 00000000 ____D C:\Users\Public\Downloads\FileHippo
2013-11-19 21:58 - 2013-02-18 14:28 - 00007627 _____ C:\Users\David Kramer\AppData\Local\Resmon.ResmonCfg
2013-11-19 12:59 - 2013-08-04 13:36 - 00165984 _____ C:\Users\Debug\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-19 10:31 - 2013-11-19 10:31 - 00000972 _____ C:\Users\David Kramer\Desktop\PADS CAM.lnk
2013-11-18 15:22 - 2012-04-25 09:17 - 00165984 _____ C:\Users\David Kramer\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-18 15:04 - 2011-04-12 00:28 - 00000000 ____D C:\Windows\ShellNew
2013-11-18 10:25 - 2013-08-04 13:36 - 00000000 ____D C:\Users\Debug\Documents\Bluetooth Folder
2013-11-17 16:44 - 2013-08-07 07:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 21:55 - 2013-11-16 21:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 12:10 - 2012-06-02 15:36 - 00000000 ____D C:\Users\Public\Remarkable Properties
2013-11-13 19:00 - 2012-05-31 21:58 - 00004154 _____ C:\Windows\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2013-11-13 19:00 - 2012-05-31 21:58 - 00002132 _____ C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2013-11-13 10:31 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-13 09:53 - 2012-06-03 22:30 - 00000000 ____D C:\Users\Public\Downloads\Adobe
2013-11-13 09:53 - 2012-04-25 15:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-13 09:53 - 2012-04-25 15:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-13 09:53 - 2012-04-25 15:29 - 00000000 ____D C:\Users\David Kramer\AppData\Local\Adobe
2013-11-13 09:40 - 2013-08-14 16:33 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 09:38 - 2012-04-25 09:22 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 09:24 - 2013-11-13 09:24 - 00000000 ____D C:\Users\David Kramer\Downloads\ESAMediaPlayerDemozip
2013-11-13 09:24 - 2013-05-22 17:54 - 00000000 ____D C:\Users\David Kramer\AppData\Local\Google
2013-11-13 09:11 - 2013-06-06 21:07 - 00000000 ____D C:\ProgramData\Samsung
2013-11-13 09:07 - 2013-11-13 09:07 - 00000000 ____D C:\Users\David Kramer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon
2013-11-13 09:07 - 2013-06-06 21:07 - 00000000 ____D C:\Users\David Kramer\AppData\Roaming\VERIZON
2013-11-13 09:07 - 2012-04-25 09:17 - 00000000 ___RD C:\Users\David Kramer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-12 13:31 - 2013-08-04 13:36 - 00001413 _____ C:\Users\Debug\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-12 09:53 - 2012-04-25 09:17 - 00001413 _____ C:\Users\David Kramer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-12 09:47 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-11 23:10 - 2013-11-11 23:10 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-11 23:10 - 2013-11-11 23:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-11 23:10 - 2013-11-11 23:10 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-11 23:10 - 2013-11-11 23:10 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-11 23:10 - 2013-11-11 23:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-11 23:10 - 2013-11-11 23:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-11 23:10 - 2013-11-11 23:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-11 23:10 - 2013-11-11 23:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-11 23:10 - 2013-11-11 23:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-11 22:59 - 2012-04-25 14:55 - 00000000 ____D C:\Users\David Kramer\Documents\Visual Studio 2010
2013-11-11 18:23 - 2013-12-10 16:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-11-11 18:07 - 2013-12-10 16:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

Some content of TEMP:
====================
C:\Users\David Kramer\AppData\Local\Temp\Quarantine.exe
C:\Users\Debug\AppData\Local\Temp\vlc-2.1.1-win64.exe
C:\Users\user\AppData\Local\Temp\_isBB.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-10 18:14

==================== End Of Log ============================

==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 16360.75 MB
Available physical RAM: 11815.19 MB
Total Pagefile: 32719.69 MB
Available Pagefile: 27930.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:406.33 GB) NTFS
Drive k: (K Drive) (Fixed) (Total:465.76 GB) (Free:329.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CBE74F5D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: A0A06C12)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

MrCharlie · December 11, 2013

Can you delete this file:
C:\Windows\system32\AdpeakProxy64.dll

and this extension in Firefox:
FF Extension: ScorpionSaver - C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\Extensions\ScorpionSaver@jetpack

Let me know how it is. MrC

MrCharlie · December 11, 2013

Can you delete this file:

C:\Windows\system32\AdpeakProxy64.dll

and this extension in Firefox:

FF Extension: ScorpionSaver - C:\Users\David Kramer\AppData\Roaming\Mozilla\Firefox\Profiles\r3hckd25.default\Extensions\ScorpionSaver@jetpack

Let me know how it is. MrC

dmkeng · December 11, 2013

Yes, I was able to delete AdpeakProxy64.dll and the ScorpionSaver add-on. I rebooted and verified that both were still gone. This is great!!! What's next. I'm happy to purchase the full featured MalwareBytes if that will help against future attacks. Anything else you recommend?

You guys are terrific. Thanks so much for your help!!!

MrCharlie · December 11, 2013

If it's OK.....

Lets check your computers security before you go and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
If you get Unsupported operating system. Aborting now, just reboot and try again.
A Notepad document should open automatically called checkup.txt.
Please Post the contents of that document.
Do Not Attach It!!!

MrC

dmkeng · December 11, 2013

Here is checkup.txt

Results of screen317's Security Check version 0.99.77
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2014
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 45
Adobe Flash Player 11.9.900.152
Adobe Reader XI
Mozilla Firefox (25.0.1)
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
Public Downloads Malware Bytes SecurityCheck.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

MrCharlie · December 11, 2013

That looks Good!

A little clean up to do....

Please download OTC to your desktop. (This will clean up most of the tools and logs)

http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")

Click on the CleanUp! button and follow the prompts.

(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)

You will be asked to reboot the machine to finish the Cleanup process, choose Yes.

After the reboot all the tools we used should be gone.

Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

Note:

If you used FRST and can't delete the quarantine folder:

Download the fixlist.txt to the same folder as FRST.exe.

Run FRST.exe and click Fix only once and wait

That will delete the quarantine folder created by FRST.

The rest you can manually delete.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

AdvancedSetup · December 12, 2013

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Thanks so much for your help

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information