Jump to content

Infected with something writing to my temp folder


Recommended Posts

I get Symantec popping up every few minutes saying it's Quarantined some file in my temp folder...
 

--------------------------------------------------------------------------------------------

Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen
File: C:\Users\<myusername>\AppData\Local\Temp\DWH2BDA.tmp
Location: C:\Users\<myusername>\AppData\Local\Temp

 

Action taken: Pending Side Effects Analysis : Access denied

--------------------------------------------------------------------------------------------

 

Below are the results of my Scan. I tried an analyze on hijackthis.de and did not see anything worth removing.

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 4:44:22 PM, on 4/03/14
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
CHROME: 33.0.1750.154
FIREFOX: 28.0 (en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\xampp\xampp-control.exe
c:\xampp\apache\bin\httpd.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files (x86)\Microsoft Team Foundation Server 2010 Power Tools\TfsComProviderSvr.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\ManagementStudio\Ssms.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrvPXDiscrete.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
c:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\devenv.exe
C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\ManagementStudio\Ssms.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\PROFILER.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
c:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\devenv.exe
c:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\PreviewProcessingService.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cmorrison\Downloads\HijackThis.exe
C:\Windows\sysWow64\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [RevHDD] C:\WINDOWS\SYSTEM\RevHDD.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\cmorrison\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN31N1C54W05SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_734FF86B9F500D4CE686696E690FC024] "C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Send to OneNote.lnk = C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE


O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5554DCB0-700B-498D-9B58-4E40E5814405} (RSClientPrint 2008 Class) - http://192.168.50.91/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=0tnodgyqjmff5255nzimom45&Culture=4105&CultureOverrides=False&UICulture=9&UICultureOverrides=False&ReportStack=1&ControlID=630e60bd174a4421bbd8f3e60b922ae3&OpType=PrintCab&Arch=X86
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 19873 bytes

 

Any Help is appreciated. Thank you.

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin....

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 26 days old and could be outdated)
Ran by cmorrison (administrator) on GEOTRAC-LT54 on 08-04-2014 14:18:05
Running from C:\Users\cmorrison\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\CxUtilSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files\Macrium\Reflect\ReflectService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio3.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Google Inc.) C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\ManagementStudio\Ssms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_3_300_265_ActiveX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Team Foundation Server 2010 Power Tools\TfsComProviderSvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\DWHWizrd.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Red Gate Software Ltd.) C:\Program Files (x86)\Red Gate\SQL Multi Script 1\SQLMultiScript.exe
(Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SavUI.exe
(Microsoft Corporation) C:\Windows\syswow64\MsiExec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2894640 2012-03-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [5752480 2012-07-11] (Dell Inc.)
HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SA3\SACpl.exe [1628288 2011-09-08] (Conexant Systems, Inc.)
HKLM\...\Run: [intelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [intelPROSet] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4802864 2012-06-25] (Intel® Corporation)
HKLM\...\Run: [bLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [bTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2012-05-15] (Intel Corporation)
HKLM\...\Run: [ACPW06EN] - C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe [1234120 2012-12-17] (ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [uSB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [startCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-03-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ccApp] - C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2010-11-01] (Symantec Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [523216 2011-09-09] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [RevHDD] - C:\WINDOWS\SYSTEM\RevHDD.exe
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3432205677-490433067-3967148432-4613\...\Run: [Google Update] - C:\Users\cmorrison\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-19] (Google Inc.)
HKU\S-1-5-21-3432205677-490433067-3967148432-4613\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3432205677-490433067-3967148432-4613\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-3432205677-490433067-3967148432-4613\...\Run: [HP Deskjet 3520 series (NET)] - C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3432205677-490433067-3967148432-4613\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3432205677-490433067-3967148432-4613\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3432205677-490433067-3967148432-4613\...\Run: [GoogleChromeAutoLaunch_734FF86B9F500D4CE686696E690FC024] - C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\chrome.exe [859976 2014-03-14] (Google Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Administrator.GEOTrac-LT52\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\Ben Ng\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\bng\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\cmorrison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\jfinlay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Startup: C:\Users\mandersen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
ShortcutTarget: Intel® Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9B3EEFC8-0AAB-402D-A74B-84B0F0AFA2D3} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9B3EEFC8-0AAB-402D-A74B-84B0F0AFA2D3} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS
SearchScopes: HKLM-x32 - DefaultScope {9B3EEFC8-0AAB-402D-A74B-84B0F0AFA2D3} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9B3EEFC8-0AAB-402D-A74B-84B0F0AFA2D3} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS
SearchScopes: HKCU - DefaultScope {9B3EEFC8-0AAB-402D-A74B-84B0F0AFA2D3} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {5554DCB0-700B-498D-9B58-4E40E5814405} http://192.168.50.91/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=0tnodgyqjmff5255nzimom45&Culture=4105&CultureOverrides=False&UICulture=9&UICultureOverrides=False&ReportStack=1&ControlID=630e60bd174a4421bbd8f3e60b922ae3&OpType=PrintCab&Arch=X86
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 acdid.acdsystems.com
Tcpip\Parameters: [DhcpNameServer] 192.168.49.24 192.168.49.27

FireFox:
========
FF ProfilePath: C:\Users\cmorrison\AppData\Roaming\Mozilla\Firefox\Profiles\4ulcp9di.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: https://www.google.ca/

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\cmorrison\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\cmorrison\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\cmorrison\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\cmorrison\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\cmorrison\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\cmorrison\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\cmorrison\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\cmorrison\AppData\Roaming\Mozilla\Firefox\Profiles\4ulcp9di.default\searchplugins\bingp.xml
FF Extension: Firebug - C:\Users\cmorrison\AppData\Roaming\Mozilla\Firefox\Profiles\4ulcp9di.default\Extensions\firebug@software.joehewitt.com.xpi [2013-10-15]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []

Chrome:
=======

CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\cmorrison\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Translate) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-02-19]
CHR Extension: (Media Hint) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\akipcefbjlmpbcejgdaopmmidpnjlhnb [2014-04-02]
CHR Extension: (Google Docs) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-19]
CHR Extension: (Google Drive) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-19]
CHR Extension: (James White) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2013-09-18]
CHR Extension: (YouTube) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-19]
CHR Extension: (efTwo (F2) - Advanced Find on Page) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccaikggmppdolhcehimngikgiafmdcep [2013-08-11]
CHR Extension: (Google Search) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-19]
CHR Extension: (*Split Screen*) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\eachfleknamlcepmplpdghagngjfjkin [2013-11-20]
CHR Extension: (Blocker) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\epdedalbkhcbhcmcpfglmhngjpgimcmm [2013-02-19]
CHR Extension: (AdBlock) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-02-19]
CHR Extension: (SearchPreview) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2013-10-01]
CHR Extension: (Smooth Gestures) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2013-03-19]
CHR Extension: (FVD Downloader) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-02-19]
CHR Extension: (Google Wallet) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\cmorrison\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R3 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-11-01] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-11-01] (Symantec Corporation)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-11] (Conexant Systems, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [192856 2012-02-25] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-02-17] (Symantec Corporation)
S3 MsDtsServer; C:\Program Files (x86)\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [199384 2005-10-14] (Microsoft Corporation)
S3 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218608 2012-10-20] (Microsoft Corporation)
S3 msftesql; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [92880 2005-08-26] (Microsoft Corporation)
S3 MSOLAP$MSSQLSERVER2012; C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER2012\OLAP\bin\msmdsrv.exe [72497640 2012-10-20] (Microsoft Corporation)
S3 MSSQL$MSSQLSERVER2012; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER2012\MSSQL\Binn\sqlservr.exe [191976 2012-10-20] (Microsoft Corporation)
S3 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MSSQLFDLauncher$MSSQLSERVER2012; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER2012\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
S3 MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28768528 2005-10-14] (Microsoft Corporation)
S4 MSSQLServerOLAPService; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe [14557912 2005-10-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] ()
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [302200 2013-01-31] ()
S3 ReportServer$MSSQLSERVER2012; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2423792 2012-10-20] (Microsoft Corporation)
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3218880 2010-11-01] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [419656 2010-11-01] (Symantec Corporation)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-11] (Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-11] (Microsoft Corporation)
S3 SQLAgent$MSSQLSERVER2012; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER2012\MSSQL\Binn\SQLAGENT.EXE [612848 2012-10-20] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [318680 2005-10-14] (Microsoft Corporation)
R3 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1831024 2010-11-01] (Symantec Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
R2 ApexSqlLogServerHelper_2011_03_1088; C:\ProgramData\ApexSQL\ApexSQLLog\MSSQLSERVER2012\Binn\ApexSqlLogServerHelper.sys [17032 2013-02-05] (ApexSQL LLC)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-19] (Symantec Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-11-13] (AnchorFree Inc.)
S3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-22] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140408.008\eng64.sys [126040 2014-03-30] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140408.008\ex64.sys [2099288 2014-03-30] (Symantec Corporation)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [447536 2010-11-01] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [447536 2010-11-01] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [482352 2010-11-01] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [482352 2010-11-01] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2010-11-01] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2010-11-01] (Symantec Corporation)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2013-01-22] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [64048 2010-11-01] (Symantec Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2010-11-01] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2014-03-19] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-08 14:18 - 2014-04-08 14:20 - 00034155 _____ () C:\Users\cmorrison\Desktop\FRST.txt
2014-04-08 14:14 - 2014-04-08 14:18 - 00000000 ____D () C:\FRST
2014-04-08 13:50 - 2014-04-08 13:50 - 02157056 _____ (Farbar) C:\Users\cmorrison\Desktop\FRST64.exe
2014-04-08 11:02 - 2014-04-08 11:02 - 00000165 ____H () C:\Users\cmorrison\Desktop\~$LostHistoricalSubscriptions_Detailed.xlsx
2014-04-08 01:16 - 2014-04-08 07:23 - 00004980 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for GEOTRAC-cmorrison GEOTRAC-LT54.internal.geotracinternational.com
2014-04-07 22:36 - 2014-04-08 10:33 - 00004980 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for {9f824f1f-41e8-4538-bc70-81e80166ffe1} GEOTRAC-LT54.internal.geotracinternational.com
2014-04-07 17:10 - 2014-04-08 08:04 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 17:10 - 2014-04-07 17:10 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-07 17:10 - 2014-04-07 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 17:10 - 2014-04-07 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-07 17:10 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-07 17:10 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-07 17:10 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-07 17:09 - 2014-04-07 17:09 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\cmorrison\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-07 12:56 - 2014-04-07 12:56 - 00108537 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivity_46_48.rdl
2014-04-06 18:55 - 2014-04-06 18:55 - 00031554 _____ () C:\Users\cmorrison\Downloads\downton.abbey.episode.3.8.(2012).eng.1cd.(4707533).zip
2014-04-06 18:53 - 2014-04-06 18:53 - 00022521 _____ () C:\Users\cmorrison\Downloads\downton.abbey.episode.3.7.(2012).eng.1cd.(4701009).zip
2014-04-06 18:51 - 2014-04-06 18:52 - 00022135 _____ () C:\Users\cmorrison\Downloads\downton.abbey.episode.3.6.(2012).eng.1cd.(4695021).zip
2014-04-04 21:50 - 2014-04-06 11:23 - 00000642 _____ () C:\Users\cmorrison\Desktop\ToDo For bemorefitness subscription.txt
2014-04-04 17:52 - 2014-04-08 00:56 - 00020599 _____ () C:\Users\cmorrison\Desktop\LostHistoricalSubscriptions_Detailed.xlsx
2014-04-04 17:52 - 2014-04-07 17:24 - 00014307 _____ () C:\Users\cmorrison\Desktop\LostHistoricalSubscriptions.xlsx
2014-04-04 09:59 - 2014-04-04 09:59 - 00000000 ____D () C:\ProgramData\GroupPolicy
2014-04-04 09:47 - 2014-04-04 09:47 - 00000173 _____ () C:\Users\cmorrison\Desktop\ToDo for AssetTracker Report.txt
2014-04-03 16:44 - 2014-04-03 16:44 - 00019875 _____ () C:\Users\cmorrison\Downloads\hijackthis.log
2014-04-03 16:36 - 2014-04-03 16:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\cmorrison\Downloads\HijackThis.exe
2014-04-03 15:00 - 2014-04-03 15:00 - 00026444 _____ () C:\Users\cmorrison\Desktop\Historical_Activity_Report_GEOTrac QA 20140106 to 20140107.xlsx
2014-04-03 10:59 - 2014-04-03 12:35 - 00007449 _____ () C:\Users\cmorrison\Desktop\BatteryLife_2014_04_02_60_87_INSTANCE_C_Results.csv
2014-04-03 10:56 - 2014-04-03 10:56 - 00000777 _____ () C:\Users\cmorrison\Desktop\BatteryLife_2014_04_02_50_14_C_Results.csv
2014-04-02 13:30 - 2014-04-02 13:30 - 00057747 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivity1580.xlsx
2014-04-01 10:42 - 2014-04-01 10:45 - 00000000 ____D () C:\Windows\system32\ESUG
2014-03-31 15:55 - 2014-04-03 12:37 - 00000800 _____ () C:\Users\cmorrison\Desktop\exec usp_SSRS_FleetSummary Trace.sql
2014-03-31 15:29 - 2014-03-31 15:29 - 00010747 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivityAsco.xlsx
2014-03-30 16:15 - 2014-03-30 16:15 - 00881360 _____ () C:\Users\cmorrison\Desktop\flow530.mp4
2014-03-29 14:18 - 2014-03-29 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 11:44 - 2014-03-27 11:44 - 00057790 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivityGeoQA_BT.xlsx
2014-03-26 13:40 - 2014-03-26 13:40 - 00186327 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivity_currently_on_staging.rdl
2014-03-26 10:43 - 2014-03-26 10:43 - 00113925 _____ () C:\Users\cmorrison\Desktop\rptInfractionReportStandalone.rdl
2014-03-26 00:52 - 2014-04-03 17:45 - 00031128 _____ () C:\Users\cmorrison\Desktop\a.sql
2014-03-24 09:26 - 2014-03-24 09:26 - 00068683 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report (7).xlsx
2014-03-21 23:32 - 2014-03-21 23:32 - 00019441 _____ () C:\Users\cmorrison\Downloads\47.ronin.(2013).eng.1cd.(5589237).zip
2014-03-21 14:10 - 2014-03-21 14:10 - 03390233 _____ () C:\Users\cmorrison\Desktop\Baker Export FleetSummary.xlsx
2014-03-21 12:12 - 2014-03-21 12:12 - 00068683 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report (6).xlsx
2014-03-20 15:38 - 2014-03-20 15:38 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-20 15:38 - 2014-03-20 15:38 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-20 15:38 - 2014-03-20 15:38 - 00000000 ____D () C:\Program Files\iTunes
2014-03-20 15:38 - 2014-03-20 15:38 - 00000000 ____D () C:\Program Files\iPod
2014-03-20 15:38 - 2014-03-20 15:38 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-20 15:31 - 2014-03-20 15:32 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-20 13:57 - 2014-03-20 13:57 - 00068683 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report_All_GEOTrac QA.xlsx
2014-03-20 11:37 - 2014-03-20 11:37 - 00057675 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report GeoQA_BT.xlsx
2014-03-20 11:30 - 2014-03-20 11:30 - 00070120 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report.xlsx
2014-03-20 11:29 - 2014-03-20 13:50 - 00047186 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report_All_GEOTrac AQ.xlsx
2014-03-20 11:25 - 2014-03-20 11:25 - 00054593 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report (5).xlsx
2014-03-17 11:36 - 2014-03-17 11:36 - 00057675 _____ () C:\Users\cmorrison\Downloads\rptHistoricalActivity (4).xlsx
2014-03-16 15:08 - 2014-03-16 15:08 - 00040837 _____ () C:\Users\cmorrison\Downloads\furious.6.(2013).eng.1cd.(5072140).zip
2014-03-14 22:31 - 2014-03-14 22:31 - 00036566 _____ () C:\Users\cmorrison\Downloads\thor.the.dark.world.(2013).eng.1cd.(5519048).zip
2014-03-14 09:37 - 2014-04-08 13:41 - 00000586 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3432205677-490433067-3967148432-4613.job
2014-03-14 09:37 - 2014-03-26 13:48 - 00003618 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3432205677-490433067-3967148432-4613
2014-03-14 09:19 - 2014-03-14 09:19 - 00002835 _____ () C:\Users\cmorrison\Desktop\Outstanding Fleet Summary eTool Report.csv
2014-03-13 12:51 - 2014-03-13 12:51 - 00000868 _____ () C:\Users\cmorrison\Downloads\Ftp webadmin@bemorefitness.com.xml
2014-03-13 12:51 - 2014-03-13 12:51 - 00000864 _____ () C:\Users\cmorrison\Downloads\Ftp mccm@bemorefitness.com.xml
2014-03-11 15:58 - 2014-03-11 15:58 - 00036352 _____ () C:\Users\cmorrison\Desktop\andys oilfield fs report.xlsx
2014-03-11 12:36 - 2014-03-11 12:36 - 00004385 _____ () C:\Users\cmorrison\Downloads\CustomAggregate_Median.zip
2014-03-10 12:03 - 2014-03-10 12:03 - 00000017 _____ () C:\Users\cmorrison\AppData\Local\resmon.resmoncfg
2014-03-10 11:03 - 2014-03-10 11:03 - 00000000 ____D () C:\Users\cmorrison\AppData\Roaming\IsolatedStorage

==================== One Month Modified Files and Folders =======

2014-04-08 14:20 - 2014-04-08 14:18 - 00034155 _____ () C:\Users\cmorrison\Desktop\FRST.txt
2014-04-08 14:19 - 2013-02-20 17:27 - 00000000 ____D () C:\Users\cmorrison\AppData\Roaming\Skype
2014-04-08 14:19 - 2013-01-22 12:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-08 14:19 - 2013-01-08 04:06 - 01620251 _____ () C:\Windows\WindowsUpdate.log
2014-04-08 14:18 - 2014-04-08 14:14 - 00000000 ____D () C:\FRST
2014-04-08 14:06 - 2013-01-21 16:45 - 00004890 __RSH () C:\ProgramData\ntuser.pol
2014-04-08 14:04 - 2013-02-27 21:10 - 00000000 ____D () C:\Program Files (x86)\Vuze
2014-04-08 14:02 - 2013-02-01 11:30 - 00114032 _____ () C:\Users\jfinlay\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-08 14:01 - 2013-02-15 13:55 - 00000000 ____D () C:\Users\cmorrison\Documents\Visual Studio 2010
2014-04-08 13:58 - 2013-02-19 18:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-08 13:57 - 2014-02-10 16:46 - 00000000 ____D () C:\Users\cmorrison\Documents\Outlook Files
2014-04-08 13:50 - 2014-04-08 13:50 - 02157056 _____ (Farbar) C:\Users\cmorrison\Desktop\FRST64.exe
2014-04-08 13:45 - 2013-02-19 14:29 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3432205677-490433067-3967148432-4613UA.job
2014-04-08 13:41 - 2014-03-14 09:37 - 00000586 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3432205677-490433067-3967148432-4613.job
2014-04-08 13:39 - 2009-07-13 20:34 - 00000478 _____ () C:\Windows\win.ini
2014-04-08 13:33 - 2013-01-21 16:31 - 00000312 _____ () C:\Windows\system32\config\netlogon.ftl
2014-04-08 13:11 - 2011-02-10 08:33 - 01221574 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-08 13:11 - 2009-07-13 23:13 - 01221574 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-08 12:25 - 2013-02-26 14:31 - 00002056 ____H () C:\Users\cmorrison\Documents\Default.rdp
2014-04-08 12:16 - 2013-03-17 03:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-08 12:16 - 2013-03-17 03:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-08 11:02 - 2014-04-08 11:02 - 00000165 ____H () C:\Users\cmorrison\Desktop\~$LostHistoricalSubscriptions_Detailed.xlsx
2014-04-08 10:33 - 2014-04-07 22:36 - 00004980 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for {9f824f1f-41e8-4538-bc70-81e80166ffe1} GEOTRAC-LT54.internal.geotracinternational.com
2014-04-08 10:12 - 2013-02-19 18:50 - 00000000 ___RD () C:\Users\cmorrison\Google Drive
2014-04-08 10:11 - 2013-02-19 18:47 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-08 08:54 - 2009-07-13 22:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-08 08:54 - 2009-07-13 22:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-08 08:46 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-08 08:46 - 2009-07-13 22:51 - 00089112 _____ () C:\Windows\setupact.log
2014-04-08 08:45 - 2010-11-20 21:47 - 00720316 _____ () C:\Windows\PFRO.log
2014-04-08 08:04 - 2014-04-07 17:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 07:23 - 2014-04-08 01:16 - 00004980 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for GEOTRAC-cmorrison GEOTRAC-LT54.internal.geotracinternational.com
2014-04-08 00:56 - 2014-04-04 17:52 - 00020599 _____ () C:\Users\cmorrison\Desktop\LostHistoricalSubscriptions_Detailed.xlsx
2014-04-07 18:16 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\Globalization
2014-04-07 17:24 - 2014-04-04 17:52 - 00014307 _____ () C:\Users\cmorrison\Desktop\LostHistoricalSubscriptions.xlsx
2014-04-07 17:10 - 2014-04-07 17:10 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-07 17:10 - 2014-04-07 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-07 17:10 - 2014-04-07 17:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-07 17:09 - 2014-04-07 17:09 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\cmorrison\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-07 15:45 - 2013-02-19 14:29 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3432205677-490433067-3967148432-4613Core.job
2014-04-07 14:54 - 2013-02-19 12:48 - 00000000 ____D () C:\Users\cmorrison\Documents\SQL Server Management Studio
2014-04-07 12:56 - 2014-04-07 12:56 - 00108537 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivity_46_48.rdl
2014-04-06 21:57 - 2013-03-03 16:31 - 00000000 ____D () C:\Users\cmorrison\AppData\Roaming\vlc
2014-04-06 18:56 - 2013-02-27 21:10 - 00000000 ____D () C:\Users\cmorrison\AppData\Roaming\Azureus
2014-04-06 18:55 - 2014-04-06 18:55 - 00031554 _____ () C:\Users\cmorrison\Downloads\downton.abbey.episode.3.8.(2012).eng.1cd.(4707533).zip
2014-04-06 18:53 - 2014-04-06 18:53 - 00022521 _____ () C:\Users\cmorrison\Downloads\downton.abbey.episode.3.7.(2012).eng.1cd.(4701009).zip
2014-04-06 18:52 - 2014-04-06 18:51 - 00022135 _____ () C:\Users\cmorrison\Downloads\downton.abbey.episode.3.6.(2012).eng.1cd.(4695021).zip
2014-04-06 11:36 - 2013-04-17 12:29 - 00000000 ____D () C:\Users\cmorrison\AppData\Local\Adobe
2014-04-06 11:36 - 2013-01-08 04:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-06 11:36 - 2013-01-08 04:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-06 11:23 - 2014-04-04 21:50 - 00000642 _____ () C:\Users\cmorrison\Desktop\ToDo For bemorefitness subscription.txt
2014-04-04 09:59 - 2014-04-04 09:59 - 00000000 ____D () C:\ProgramData\GroupPolicy
2014-04-04 09:57 - 2013-06-18 21:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-04 09:47 - 2014-04-04 09:47 - 00000173 _____ () C:\Users\cmorrison\Desktop\ToDo for AssetTracker Report.txt
2014-04-03 17:45 - 2014-03-26 00:52 - 00031128 _____ () C:\Users\cmorrison\Desktop\a.sql
2014-04-03 16:44 - 2014-04-03 16:44 - 00019875 _____ () C:\Users\cmorrison\Downloads\hijackthis.log
2014-04-03 16:42 - 2013-02-15 13:55 - 00000000 ____D () C:\Users\cmorrison\AppData\Local\VirtualStore
2014-04-03 16:37 - 2014-04-03 16:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\cmorrison\Downloads\HijackThis.exe
2014-04-03 15:00 - 2014-04-03 15:00 - 00026444 _____ () C:\Users\cmorrison\Desktop\Historical_Activity_Report_GEOTrac QA 20140106 to 20140107.xlsx
2014-04-03 12:37 - 2014-03-31 15:55 - 00000800 _____ () C:\Users\cmorrison\Desktop\exec usp_SSRS_FleetSummary Trace.sql
2014-04-03 12:35 - 2014-04-03 10:59 - 00007449 _____ () C:\Users\cmorrison\Desktop\BatteryLife_2014_04_02_60_87_INSTANCE_C_Results.csv
2014-04-03 10:56 - 2014-04-03 10:56 - 00000777 _____ () C:\Users\cmorrison\Desktop\BatteryLife_2014_04_02_50_14_C_Results.csv
2014-04-03 09:51 - 2014-04-07 17:10 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-07 17:10 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-07 17:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 15:53 - 2013-02-19 18:47 - 00003900 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 15:53 - 2013-02-19 18:47 - 00003648 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-02 13:30 - 2014-04-02 13:30 - 00057747 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivity1580.xlsx
2014-04-01 10:45 - 2014-04-01 10:42 - 00000000 ____D () C:\Windows\system32\ESUG
2014-03-31 15:29 - 2014-03-31 15:29 - 00010747 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivityAsco.xlsx
2014-03-30 16:15 - 2014-03-30 16:15 - 00881360 _____ () C:\Users\cmorrison\Desktop\flow530.mp4
2014-03-30 11:43 - 2013-02-15 14:01 - 00000000 ____D () C:\Users\cmorrison\AppData\Roaming\Adobe
2014-03-29 14:18 - 2014-03-29 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 15:40 - 2013-02-19 14:29 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3432205677-490433067-3967148432-4613UA
2014-03-27 15:40 - 2013-02-19 14:29 - 00003510 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3432205677-490433067-3967148432-4613Core
2014-03-27 15:05 - 2013-09-11 13:43 - 00196111 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivity.rdl
2014-03-27 11:44 - 2014-03-27 11:44 - 00057790 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivityGeoQA_BT.xlsx
2014-03-26 13:48 - 2014-03-14 09:37 - 00003618 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3432205677-490433067-3967148432-4613
2014-03-26 13:40 - 2014-03-26 13:40 - 00186327 _____ () C:\Users\cmorrison\Desktop\rptHistoricalActivity_currently_on_staging.rdl
2014-03-26 10:43 - 2014-03-26 10:43 - 00113925 _____ () C:\Users\cmorrison\Desktop\rptInfractionReportStandalone.rdl
2014-03-24 09:26 - 2014-03-24 09:26 - 00068683 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report (7).xlsx
2014-03-21 23:32 - 2014-03-21 23:32 - 00019441 _____ () C:\Users\cmorrison\Downloads\47.ronin.(2013).eng.1cd.(5589237).zip
2014-03-21 14:10 - 2014-03-21 14:10 - 03390233 _____ () C:\Users\cmorrison\Desktop\Baker Export FleetSummary.xlsx
2014-03-21 12:12 - 2014-03-21 12:12 - 00068683 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report (6).xlsx
2014-03-20 18:07 - 2013-05-20 18:02 - 00000000 ____D () C:\Users\cmorrison\AppData\Local\Apple Computer
2014-03-20 15:38 - 2014-03-20 15:38 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-20 15:38 - 2014-03-20 15:38 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-20 15:38 - 2014-03-20 15:38 - 00000000 ____D () C:\Program Files\iTunes
2014-03-20 15:38 - 2014-03-20 15:38 - 00000000 ____D () C:\Program Files\iPod
2014-03-20 15:38 - 2014-03-20 15:38 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-20 15:33 - 2013-04-03 10:43 - 00000000 ____D () C:\ProgramData\Apple
2014-03-20 15:32 - 2014-03-20 15:31 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-20 13:57 - 2014-03-20 13:57 - 00068683 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report_All_GEOTrac QA.xlsx
2014-03-20 13:50 - 2014-03-20 11:29 - 00047186 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report_All_GEOTrac AQ.xlsx
2014-03-20 11:37 - 2014-03-20 11:37 - 00057675 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report GeoQA_BT.xlsx
2014-03-20 11:30 - 2014-03-20 11:30 - 00070120 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report.xlsx
2014-03-20 11:25 - 2014-03-20 11:25 - 00054593 _____ () C:\Users\cmorrison\Downloads\Historical_Activity_Report (5).xlsx
2014-03-19 15:34 - 2014-01-23 14:27 - 09328746 _____ () C:\Users\cmorrison\Desktop\fleetSummaryExecutionPlan.sqlplan
2014-03-19 14:40 - 2013-04-10 12:13 - 00000000 ____D () C:\Users\cmorrison\AppData\Roaming\Mozilla
2014-03-19 09:02 - 2013-01-22 18:44 - 00233120 _____ (Symantec Corporation) C:\Windows\system32\Drivers\wpshelper.sys
2014-03-17 11:36 - 2014-03-17 11:36 - 00057675 _____ () C:\Users\cmorrison\Downloads\rptHistoricalActivity (4).xlsx
2014-03-16 15:08 - 2014-03-16 15:08 - 00040837 _____ () C:\Users\cmorrison\Downloads\furious.6.(2013).eng.1cd.(5072140).zip
2014-03-14 22:31 - 2014-03-14 22:31 - 00036566 _____ () C:\Users\cmorrison\Downloads\thor.the.dark.world.(2013).eng.1cd.(5519048).zip
2014-03-14 09:19 - 2014-03-14 09:19 - 00002835 _____ () C:\Users\cmorrison\Desktop\Outstanding Fleet Summary eTool Report.csv
2014-03-13 12:51 - 2014-03-13 12:51 - 00000868 _____ () C:\Users\cmorrison\Downloads\Ftp webadmin@bemorefitness.com.xml
2014-03-13 12:51 - 2014-03-13 12:51 - 00000864 _____ () C:\Users\cmorrison\Downloads\Ftp mccm@bemorefitness.com.xml
2014-03-12 10:34 - 2014-02-08 16:19 - 00002077 _____ () C:\Users\cmorrison\Desktop\UtilizationPercentage Calculations.txt
2014-03-11 15:58 - 2014-03-11 15:58 - 00036352 _____ () C:\Users\cmorrison\Desktop\andys oilfield fs report.xlsx
2014-03-11 12:36 - 2014-03-11 12:36 - 00004385 _____ () C:\Users\cmorrison\Downloads\CustomAggregate_Median.zip
2014-03-10 12:03 - 2014-03-10 12:03 - 00000017 _____ () C:\Users\cmorrison\AppData\Local\resmon.resmoncfg
2014-03-10 11:03 - 2014-03-10 11:03 - 00000000 ____D () C:\Users\cmorrison\AppData\Roaming\IsolatedStorage

Some content of TEMP:
====================
C:\Users\administrator\AppData\Local\Temp\ose00000.exe
C:\Users\cmorrison\AppData\Local\Temp\i4jdel0.exe
C:\Users\jfinlay\AppData\Local\Temp\reflectPatch.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-31 14:12

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by cmorrison at 2014-04-08 14:22:17
Running from C:\Users\cmorrison\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
ACDSee Pro 6 (HKLM\...\{CAF674E0-808C-4CF4-8868-A755EBABA228}) (Version: 6.2.212 - ACD Systems International Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.265 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.5) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AMD APP SDK Runtime (Version: 10.0.851.6 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 12.2.0.20305 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D2EBABAC-7DA0-FAD4-7FAE-8D3C2EA779F3}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
ApexSQL Audit 2013 (HKLM-x32\...\ApexSQL Audit 2013_is1) (Version: 2013.01.0063 - ApexSQL Software)
ApexSQL Log 2011 (HKLM\...\ApexSQL Log 2011_is1) (Version: 2011.03.1088 - ApexSQL Software)
ApexSQL Log API 2011 (HKLM\...\ApexSQL Log API 2011_is1) (Version: 2011.03.1062 - ApexSQL Software)
ApexSQL Recover 2011 (HKLM\...\ApexSQL Recover 2011_is1) (Version: 2011.02.1058 - ApexSQL Software)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Beyond Compare Version 3.3.5 (HKLM-x32\...\BeyondCompare3_is1) (Version:  - Scooter Software)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0305.348.6610 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0305.348.6610 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0305.348.6610 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0305.348.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0305.348.6610 - Advanced Micro Devices, Inc.) Hidden
Charles 3.8.1 (HKLM\...\{6D2BEDF9-06CA-42FF-B6C2-EB6B935041D3}) (Version: 3.8.1.2 - XK72 Ltd)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.4235 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.4235 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.29.0 - Conexant)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
cURL (HKLM\...\{FD8AE703-D1B6-4612-AC78-B3884F334D5E}) (Version: 7.35.0 - Confused by Code)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E634070B-8D8C-4B14-B4A7-6C6609C4A5CF}) (Version:  - Microsoft)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\Elantech) (Version: 10.3.2.2 - ELAN Microelectronic Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
DigitalPersona Fingerprint Software 6.1 (HKLM\...\{208DCBFA-D02A-426B-865F-312529654438}) (Version: 6.1.0.279 - DigitalPersona, Inc.)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{AFA4B0BF-3289-495A-B949-BA91F39B1A44}) (Version: 11.1.21009.00 - Microsoft Corporation)
FME Desktop 2013 (Build 13264 - win32) (HKLM-x32\...\{704E904F-7039-1014-8F43-F5DD5244F6E4}) (Version: 12.0.13264 - Safe Software Inc.)
Free Internet TV v7.0 (HKLM-x32\...\Free Internet TV_is1) (Version:  - Holersoft)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GoToMeeting 6.2.0.1350 (HKCU\...\GoToMeeting) (Version: 6.2.0.1350 - CitrixOnline)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0191 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1022 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JavaScript Tooling (Version: 11.0.51106 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.96 - Symantec Corporation)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Macrium Reflect Free Edition (HKLM\...\{726318C7-E719-4ED2-912B-323F26BC49D4}) (Version: 5.1.5529 - Paramount Software (UK) Ltd.)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 (x32 Version: 9.00.1399.06 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Analysis Services (x32 Version: 9.00.1399.06 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{C92556F2-4950-48CF-ABA3-F0026B05BCE8}) (Version: 8.05.1054 - Microsoft Corporation)
Microsoft SQL Server 2005 Books Online (English) (HKLM-x32\...\{0B43A744-B1B8-4089-9BD1-9D41C7EC0AA3}) (Version: 9.00.1399.06 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Integration Services (x32 Version: 9.00.1399.06 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Notification Services (x32 Version: 9.00.1399.06 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools (x32 Version: 9.00.1399.06 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (Version:  - ) Hidden
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{8F3AB164-B4F3-45B1-A85A-F5E5815A44E1}) (Version: 11.1.2816.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Policies  (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{376949D9-0B10-4E7A-9AA5-16AC38F9E843}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{751EE164-9F12-4E57-ADB0-02D8F34A10AD}) (Version: 9.00.1399.06 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.1399.06 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2010 Power Tools (HKLM-x32\...\{B102139C-0734-4E39-8CB3-242854F118E2}) (Version: 10.0.41206.0 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Premier Partner Edition - ENU (HKLM-x32\...\{C25EF637-BE7A-4761-9B45-9069989C319F}) (Version: 8.0.50728 - Microsoft Corporation)
Microsoft Visual Studio 2005 Premier Partner Edition - ENU Service Pack 1 (KB926601) (HKLM-x32\...\KB926601.T2_28ToU260_28) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{f9024a51-ab45-4a46-b597-ce12f74963c7}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.0 (HKLM\...\{39960E10-3FF7-46BB-A92D-8076C67ABF60}) (Version: 4.0.1692 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
pgAdmin III 1.16 (HKLM-x32\...\{F5B208E1-19D7-46EB-9F3A-CAB75354B734}) (Version: 1.16 - The pgAdmin Development Team)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.005 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39019 - Realtek Semiconductor Corp.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 1 for SQL Server 2012 (KB2674319) (64-bit) (HKLM\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SourceTree (HKLM-x32\...\SourceTree 1.2.3) (Version: 1.2.3 - Atlassian)
SourceTree (x32 Version: 1.2.3 - Atlassian) Hidden
SPIF225 USB to SATA Bridge 98 Driver Installer (HKLM-x32\...\{AB3F9E62-1C4A-45DA-96E4-BFEB26C73F18}) (Version: 2.0.0.0 - Sunplus Technology Co., Ltd.)
SQL Compare 10 (HKLM-x32\...\{D7D3B49E-275C-4867-B116-2184C821B4B3}) (Version: 10.3.8.406 - Red Gate Software Ltd)
SQL Connect 1 (HKLM-x32\...\{0E737D48-D95A-43B2-A30B-88D7D18D3C5C}) (Version: 1.1.2.188 - Red Gate Software Ltd.)
SQL Data Compare 10 (HKLM-x32\...\{21683D20-CDD4-4CDD-9E9C-7688A8438B57}) (Version: 10.2.3.5 - Red Gate Software Ltd)
SQL Data Generator 2 (HKLM-x32\...\{A61E851F-7965-4958-87E5-8B142763214B}) (Version: 2.0.3.1 - Red Gate Software Ltd)
SQL Dependency Tracker 2 (HKLM-x32\...\{E86B7FB8-8325-431E-B541-EBA0E53E5BCC}) (Version: 2.7.4.1 - Red Gate Software Ltd)
SQL Doc 2 (HKLM-x32\...\{0DFFE318-EEC9-451A-8FC7-2E50CCFB57F6}) (Version: 2.1.2.1 - Red Gate Software Ltd)
SQL Multi Script 1 (HKLM-x32\...\{D812E24D-4BD2-4140-93DD-7783B9162A36}) (Version: 1.1.0.34 - Red Gate Software Ltd)
SQL Packager 6 (HKLM-x32\...\{5662AE27-2B32-4B44-AAC5-C4BDA0CB8773}) (Version: 6.4.0.8 - Red Gate Software Ltd)
SQL Prompt 5 (HKLM-x32\...\{957DC794-E354-43D6-8CC3-64E5094BE1C5}) (Version: 5.3.6.28 - Red Gate Software Ltd)
SQL Search 1 (HKLM-x32\...\{4F23595E-112E-473A-BFCD-DADBFCF9519D}) (Version: 1.1.8.20 - Red Gate Software Ltd.)
SQL Server 2012 Analysis Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Master Data Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.1.3000.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Source Control 3 (HKLM-x32\...\{C2D8A684-CF4A-4149-AD90-D2E1B791F06F}) (Version: 3.2.0.27 - Red Gate Software Ltd.)
SQL Test 1 (HKLM-x32\...\{C7BD47B5-BE55-457E-BA2D-8743ABA85ECF}) (Version: 1.0.12.3 - Red Gate Software Ltd.)
SQLXML4 (HKLM\...\{7C903D14-7EF4-4B71-BF78-2BCAFC499EB1}) (Version: 9.00.1399.06 - Microsoft Corporation)
SSMS Integration Pack 1 (HKLM-x32\...\{F7D2CDC7-C363-4DBB-B692-ED2DC71C499E}) (Version: 1.2.0.26 - Red Gate Software Ltd.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0018 - ST Microelectronics)
StudioTax 2011 (HKLM\...\{5E4ADF05-F045-4F82-9E98-422B2FCB944C}) (Version: 7.0.7.3 - BHOK IT Consulting)
StudioTax 2012 (HKLM-x32\...\{1C31860F-F463-4E17-9D1C-A4654C86CBD9}) (Version: 8.0.6.1 - BHOK IT Consulting)
Symantec Endpoint Protection (HKLM\...\{0A2163CB-4F47-44AA-A219-36133260CF17}) (Version: 11.0.6005.562 - Symantec Corporation)
Update for Microsoft .NET Framework 4.5 (KB2750147) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2750147) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM-x32\...\{90150000-0015-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{104D0AEE-BC85-4FFB-8BD8-D95A850D7A4D}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{E9F5EDF4-654C-40A3-8181-D558AD8EFFE6}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7E8D777B-BD75-480D-AC03-AF9C3D83CDBF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{A07ABCD5-4CAF-4493-A591-A6233EF13C7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUSR_{E6D73E98-906E-4520-99B6-FA1647EC2DAE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{079FC22A-639F-4690-8512-F54DCD8493C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{13A97DC6-1E49-40B1-94E6-EB4CC3087607}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{13A97DC6-1E49-40B1-94E6-EB4CC3087607}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{C89EE024-ECC9-43EB-9D6A-52AB9B73ED63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{90737997-99D8-46FB-BB7F-7153AEAD6C05}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2982593C-B10B-4757-A58A-7926ED063448}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0AA960ED-0F9A-42EC-B9F4-52A104EB954D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{0AA960ED-0F9A-42EC-B9F4-52A104EB954D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FA115DB4-AD0A-4C2B-8713-DB15275B7426}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{70686EE3-2A2C-4049-B42F-9E285FE28EFD}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{FA115DB4-AD0A-4C2B-8713-DB15275B7426}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{84AA6F34-E9B5-46EC-BFE6-AFB45509AF40}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{03FB2087-E3D5-4B28-A3A9-70CE02CA4E39}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{94A5E2C5-5F2C-4238-8387-F16873B7927C}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DFC72135-28F1-48CD-B39A-AD28ED0AFEF5}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{00ADF78E-D103-44D9-93FC-4E0B4255DF61}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{00ADF78E-D103-44D9-93FC-4E0B4255DF61}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{A6D399B8-E269-4872-8B45-7E43C04D08AA}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{A6D399B8-E269-4872-8B45-7E43C04D08AA}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9CEFDC22-A298-451A-905E-28E42B90A563}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2005 Premier Partner Edition - ENU (KB932232) (HKLM-x32\...\KB932232.T369_28ToU447_28) (Version: 1 - Microsoft Corporation)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{C550C85A-004E-494A-A6D2-700C998CA806}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{C550C85A-004E-494A-A6D2-700C998CA806}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{C550C85A-004E-494A-A6D2-700C998CA806}) (Version:  - Microsoft)
Validity Sensors DDK (HKLM\...\{459CD4B8-A458-4100-91A5-3388354B3F7D}) (Version: 4.3.215.0 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Update 1 (KB2707250) (HKLM-x32\...\{2be8bdec-86fe-4d4e-9b7d-cbb4ced8e633}) (Version: 11.0.51106 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9200.20512 - Microsoft Corporation) Hidden
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-2 - BitNami)

==================== Restore Points  =========================

==================== Hosts content: ==========================

2009-07-13 20:34 - 2013-06-22 18:07 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 acdid.acdsystems.com

==================== Scheduled Tasks (whitelisted) =============

Task: {25FCF583-304E-4B2B-AA1A-6E1120E61941} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {293F0154-C303-48BD-82E0-15F0050BC594} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {387C7B2D-2125-40FC-ABEA-69F19F79AF2B} - System32\Tasks\G2MUpdateTask-S-1-5-21-3432205677-490433067-3967148432-4613 => C:\Users\cmorrison\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe [2014-03-26] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {66EF1811-1E6D-4987-8D31-0AAFAECF25F0} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-02-25] (Intel)
Task: {8999B267-5737-45E8-B51C-401657367746} - System32\Tasks\Microsoft Office 15 Sync Maintenance for {9f824f1f-41e8-4538-bc70-81e80166ffe1} GEOTRAC-LT54.internal.geotracinternational.com => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2013-11-08] (Microsoft Corporation)
Task: {9439DCD7-2B3B-43CA-8D74-03C6ACF782FB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3432205677-490433067-3967148432-4613UA => C:\Users\cmorrison\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: {B2F0CE6D-222E-460F-AC73-0730D792FA04} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {BCC934AB-449C-4C5A-AF23-AC95299F6DBF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3432205677-490433067-3967148432-4613Core => C:\Users\cmorrison\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: {D8041E22-B997-4588-A095-0508FC537990} - System32\Tasks\Microsoft Office 15 Sync Maintenance for GEOTRAC-cmorrison GEOTRAC-LT54.internal.geotracinternational.com => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2013-11-08] (Microsoft Corporation)
Task: {EC8AB498-D897-4BD0-994B-BC0FE8061C15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EE89F9EA-163F-4DBF-ACFA-1A39C5802B58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: {F85644E8-5CB4-4BF8-B99D-E74566A60EF0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3432205677-490433067-3967148432-4613.job => C:\Users\cmorrison\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3432205677-490433067-3967148432-4613Core.job => C:\Users\cmorrison\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3432205677-490433067-3967148432-4613UA.job => C:\Users\cmorrison\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-10-04 14:53 - 2011-10-04 21:53 - 00034304 _____ () C:\Windows\System32\ssz2clm.dll
2013-01-31 08:17 - 2013-01-31 07:42 - 00302200 _____ () C:\Program Files\Macrium\Reflect\ReflectService.exe
2013-10-17 11:23 - 2013-10-17 11:23 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2011-12-06 20:42 - 2011-12-06 20:42 - 00292168 _____ () C:\Program Files (x86)\Microsoft Team Foundation Server 2010 Power Tools\TfsShellExt.DLL
2011-12-06 20:42 - 2011-12-06 20:42 - 00019272 _____ () C:\Program Files (x86)\Microsoft Team Foundation Server 2010 Power Tools\amd64\TfsComProviderStub.DLL
2013-03-07 12:56 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-01-08 04:21 - 2012-01-10 15:36 - 00159360 _____ () C:\Program Files\Conexant\SA3\MaxxAudioWrapper.dll
2013-01-08 05:48 - 2012-03-19 04:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-03-05 04:43 - 2012-03-05 04:43 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-04-06 10:17 - 2012-04-06 10:17 - 00016384 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-22 16:19 - 2013-01-22 16:19 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2134117ca053ce1825bac39b909a2946\IsdiInterop.ni.dll
2013-01-08 04:23 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-01-08 04:21 - 2012-01-21 05:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-10-17 11:23 - 2013-10-17 11:23 - 08866472 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-03-15 15:34 - 2014-03-14 18:50 - 00051016 _____ () C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 15:34 - 2014-03-14 18:50 - 00716616 _____ () C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 15:34 - 2014-03-14 18:50 - 00100168 _____ () C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 15:34 - 2014-03-14 18:50 - 04061000 _____ () C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 15:34 - 2014-03-14 18:50 - 00394568 _____ () C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 15:34 - 2014-03-14 18:50 - 01647432 _____ () C:\Users\cmorrison\AppData\Local\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-04-08 10:11 - 2014-04-08 10:11 - 00098816 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32api.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00110080 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\PyWinTypes27.dll
2014-04-08 10:11 - 2014-04-08 10:11 - 00364544 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\pythoncom27.dll
2014-04-08 10:11 - 2014-04-08 10:11 - 00044032 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\_socket.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 01157120 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\_ssl.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00320512 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32com.shell.shell.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00712192 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\_hashlib.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 01175040 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\wx._core_.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00805888 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\wx._gdi_.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00811008 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\wx._windows_.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 01062400 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\wx._controls_.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00735232 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\wx._misc_.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00128512 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\_elementtree.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00127488 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\pyexpat.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00557056 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\pysqlite2._sqlite.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00087040 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\_ctypes.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00119808 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32file.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00108544 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32security.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00018432 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32event.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00038912 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32inet.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00122368 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\wx._wizard.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00070656 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\wx._html2.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00026624 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\_multiprocessing.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00010240 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\select.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00024064 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32pipe.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00686080 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\unicodedata.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00025600 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32pdh.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00525640 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\windows._lib_cacheinvalidation.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00011264 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32crypt.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00035840 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32process.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00017408 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32profile.pyd
2014-04-08 10:11 - 2014-04-08 10:11 - 00022528 _____ () C:\Users\cmorrison\AppData\Local\Temp\_MEI52322\win32ts.pyd
2013-07-19 12:56 - 2013-07-19 12:56 - 01027240 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2012-10-01 21:32 - 2012-10-01 21:32 - 00321136 _____ () C:\Program Files (x86)\Microsoft Office\Office15\msfad.dll
2011-12-06 20:41 - 2011-12-06 20:41 - 00017736 _____ () C:\Program Files (x86)\Microsoft Team Foundation Server 2010 Power Tools\x86\TfsComProviderStub.DLL
2013-04-09 14:04 - 2013-04-09 14:04 - 00619520 _____ () C:\Program Files (x86)\Red Gate\SQL Multi Script 1\System.Data.SQLite.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\cmorrison\Desktop\cap1 scan.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\cmorrison\Desktop\cap1 scan.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: MSSQL$SQLEXPRESS => 3
MSCONFIG\Services: MSSQLSERVER => 3
MSCONFIG\Services: MSSQLServerOLAPService => 2
MSCONFIG\Services: SQLSERVERAGENT => 3

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/08/2014 02:26:10 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWHFC4A.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:24:59 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWHD6FE.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:22:39 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWHDD2D.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:21:35 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH97E3.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:20:27 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH6C50.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:18:58 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH4385.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:17:05 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH43F2.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:14:30 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH22F9.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:12:39 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH33A7.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:11:07 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWHE049.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

System errors:
=============
Error: (04/08/2014 02:20:15 PM) (Source: DCOM) (User: )
Description: DBSQL-B

Error: (04/08/2014 02:20:07 PM) (Source: DCOM) (User: )
Description: DBSQL-B

Error: (04/08/2014 02:19:31 PM) (Source: DCOM) (User: )
Description: DBSQL-B

Error: (04/08/2014 02:19:23 PM) (Source: DCOM) (User: )
Description: DBSQL-B

Error: (04/08/2014 01:49:36 PM) (Source: DCOM) (User: GEOTRAC)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}GEOTRACcmorrisonS-1-5-21-3432205677-490433067-3967148432-4613LocalHost (Using LRPC)

Error: (04/08/2014 01:49:23 PM) (Source: DCOM) (User: GEOTRAC)
Description: application-specificLocalActivation{FDC3723D-1588-4BA3-92D4-42C430735D7D}{83B33982-693D-4824-B42E-7196AE61BB05}GEOTRACcmorrisonS-1-5-21-3432205677-490433067-3967148432-4613LocalHost (Using LRPC)

Error: (04/08/2014 01:45:17 PM) (Source: DCOM) (User: )
Description: DWSSISDB01

Error: (04/08/2014 01:45:07 PM) (Source: DCOM) (User: )
Description: DWSSISDB01

Error: (04/08/2014 01:26:04 PM) (Source: DCOM) (User: )
Description: SQLDB01-C

Error: (04/08/2014 01:25:56 PM) (Source: DCOM) (User: )
Description: SQLDB01-C

Microsoft Office Sessions:
=========================
Error: (04/08/2014 02:26:10 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWHFC4A.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:24:59 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWHD6FE.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:22:39 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWHDD2D.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:21:35 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH97E3.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:20:27 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH6C50.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:18:58 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH4385.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:17:05 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH43F2.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:14:30 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH22F9.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:12:39 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWH33A7.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (04/08/2014 02:11:07 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Gen in File: C:\Users\cmorrison\AppData\Local\Temp\DWHE049.tmp by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

CodeIntegrity Errors:
===================================
  Date: 2014-04-08 10:18:33.089
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-08 10:18:33.057
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-08 10:18:32.935
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-08 10:18:32.886
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-08 10:18:32.848
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 11:46:17.800
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 11:46:17.773
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 11:46:17.746
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 11:46:17.675
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-07 11:46:17.311
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 80%
Total physical RAM: 6019.36 MB
Available physical RAM: 1193.04 MB
Total Pagefile: 12036.89 MB
Available Pagefile: 5514.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:450.15 GB) (Free:184.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 0112DC01)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Can you explain why this well known hack is active in your Hosts file:

Hosts: 127.0.0.1 acdid.acdsystems.com

That entry is to avoid the online validity check of ACDSee Pro 6 which you have installed. I did post the Forum protocol alert in my initial reply with regard to this kind of behavior. I cannot offer any further help unless you remove such entries, also remove all P2P applications and associate software.

 

Next,

 

Download CKScanner from here: http://downloads.malwareremoval.com/CKScanner.exe

Important - Save it to your desktop.

Doubleclick CKScanner.exe (Right click and "Run as administrator" in Vista/Win7).

Give permission if necessary, and click Search For Files.

After a very short time, when the cursor hourglass disappears, click Save List To File.

A message box will verify the file saved. Please run the program once only.

Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

 

Kevin...

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 


On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

How to get logs:

(Export log to save as txt)

 


After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt.

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Let me see those logs, also give an update on any remaining issues or concerns..

 

Kevin...

 

 

fixlist.txt

Link to post
Share on other sites

Thank you for the feedback and logs, We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 


Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option Remove found threats is unticked
Click on Advanced Settings, ensure the options
Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 


If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 


click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply.

Link to post
Share on other sites

Run this please:

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7/8 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Post that log, also let me know if any remaining issues or concerns...

 

Kevin

Link to post
Share on other sites

Kevin,

 

I haven't ran your above post yet. Doing it now.

It appears this virus is stilll here. I just received the symantec pop ups again.

 

Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen
File: C:\Users\cmorrison\AppData\Local\Temp\DWHA98F.tmp
Location: C:\Users\cmorrison\AppData\Local\Temp
Computer: GEOTRAC-LT54
User: cmorrison
Action taken: Pending Side Effects Analysis : Access denied
Date found: April-14-14  7:15:09 AM 

Link to post
Share on other sites

Results of checkup.txt

 

 Results of screen317's Security Check version 0.99.81 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 Windows Firewall Disabled! 
Symantec Endpoint Protection  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 25 
 Java 8   
 Java SE Development Kit 8
 JavaScript Tooling   
 Visual Studio Extensions for Windows Library for JavaScript
 Java version out of Date!
 Adobe Flash Player 12.0.0.77 
 Adobe Reader 10.1.5 Adobe Reader out of Date! 
 Mozilla Firefox (28.0)
 Google Chrome 33.0.1750.154 
 Google Chrome 34.0.1847.116 
 Google Chrome plugins... 
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 

Link to post
Share on other sites

Run the following and post the produced logs...

 

1.Download Malwarebytes Anti-Rootkit from this link:

 

 http://www.malwarebytes.org/products/mbar/

 

2. Unzip the File to a convenient location. (Recommend the Desktop)

3. Open the folder where the contents were unzipped to run mbar.exe

 

Image1.png

 

4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:

 

mbarwm.png

 

5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

 

6. The following image opens, select Next.

 

Image2.png

 

7. The following image opens, select Update

 

Image3.png

 

8. When the update completes select Next.

 

Image4.png

 

9. In the following window ensure "Targets" are ticked. Then select "Scan"

 

Image5.png

 

10. If an infection is found select the "Cleanup Button" to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.

 

MBAntiRKcleanA.png

 

11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click "Cleanup Button" once more and repeat the process.

12. If no threats were found you will see the following image, Select Exit:

 

Image6.png

 

13. Verify that your system is now running normally, making sure that the following items are functional:

 


  •      
  • Internet access
         
  • Windows Update
         
  • Windows Firewall

 

14.  If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included within Malwarebytes Anti-Rootkit folder.

 

15. Select "Y" from your Keyboard, tap Enter.

 

16. The fix will be applied, select any key to Exit.

 

17. Let me know how your system now responds. Copy and paste the two following logs from the mbar folder:

 

System - log

Mbar - log   Date and time of scan will also be shown

 

Thanks,

 

Kevin...

Link to post
Share on other sites

Hi Kevin,

 

Thank you for searching for that Symantec Thread. I did what the user John_Prince said here...
http://www.symantec.com/connect/forums/dwh-trojan-symantec-cant-remove-it#comment-4699111

and I haven't seen any pop-ups since. Symantec Endpoint Protection is running and my computer is running fine.

 

I think I'm good Sir. Is there anything else I need to do?

Link to post
Share on other sites

Select > start > type or copy/paste Programs and Features into the search box, hit enter. In the installed programs list scroll to and select Java 7 Update 25 Select "Uninstall" to remove that outdated version...

 

Next,

 

Adobe Reader is outdated...

Visit http://get.adobe.com/uk/reader/otherversions/ and download the latest version of Acrobat Reader

 

Step 1 - Select your Operating System.

Step 2 - Select your Langauge.

Step 3 - Select latest version.

 

Untick the option for any security scanner or toolbar if offered.

 

Download and install.

 

Having the latest updates ensures there are no security vulnerabilities in your system.

 

Next,

 

Download "Delfix by Xplode" and save it to your desktop.

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 


    Activate UAC
    Remove disinfection tools
    Purge System Restore
    Reset system settings

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed.

 

Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Let me know if any remaining issues, if none are we ok to close out....

 

Thanks,

 

Kevin

Link to post
Share on other sites
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.