Multiple iexplore.exe Issue


The past couple days, I've noticed that my computer was starting to run slow, so I checked the task manager, and saw that "iexplore.exe" was using a ridiculous amount of memory (up to 2,000,000k+), and would show up as multiple processes, regardless of whether or not IE was even running. I've tried using End Process, but they just keep popping back up, and using an increasing amount of memory until both the CPU Usage and Physical Memory go to 100%. I ran MBAM, but it didn't find anything. I would really appreciate any help on this issue.

 

Log of FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Mark  (administrator) on MARK on 27-05-2014 23:16:30
Running from C:\Users\Mark \Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [3400438930]
HKLM\...\Policies\Explorer: [60270822]
HKLM\...\Policies\Explorer: [3212083974]
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex
HKU\S-1-5-21-1882700298-3463415617-1241153446-1000\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1882700298-3463415617-1241153446-1000\...\Run: [slimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x91D3CB18876ECC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
URLSearchHook: HKCU - (No Name) - {167d9323-f7cc-48f5-948a-6f012831a69f} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {167D9323-F7CC-48F5-948A-6F012831A69F} -  No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave.com/content/insaniquarium/sis/popcaploader_v10.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\MARKMO~1\AppData\Local\Temp\crx24FF.tmp [2011-11-09]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)

==================== Drivers (Whitelisted) ====================

S3 Gun; C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys [45176 2012-08-23] ()
S3 GunBod; C:\Game\SoftnyxGame\GunboundIS\avital\gunbod64.sys [86352 2014-04-15] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S1 cqtpeswt; \??\C:\Windows\system32\drivers\cqtpeswt.sys [X]
S1 lxnqqfmk; \??\C:\Windows\system32\drivers\lxnqqfmk.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-27 23:16 - 2014-05-27 23:16 - 00039283 _____ () C:\Users\Mark \Desktop\FRST.txt
2014-05-27 23:16 - 2014-05-27 23:16 - 00000000 ____D () C:\FRST
2014-05-27 23:14 - 2014-05-27 23:14 - 02066944 _____ (Farbar) C:\Users\Mark \Desktop\FRST64.exe
2014-05-27 20:39 - 2014-05-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-27 16:18 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-27 16:18 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-27 16:18 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-27 16:18 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-27 16:18 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-27 16:18 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-27 16:18 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-27 16:18 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-27 16:18 - 2013-08-01 20:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-05-27 16:18 - 2013-08-01 20:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-05-27 16:18 - 2013-08-01 18:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 18:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 18:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 18:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-27 16:18 - 2013-01-24 00:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-27 16:13 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-05-27 16:13 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-05-27 16:13 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-05-27 16:13 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-27 16:13 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-05-27 16:13 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-05-27 16:13 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-05-27 16:13 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-05-27 16:13 - 2013-08-27 03:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-05-27 16:13 - 2013-08-27 03:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-05-27 16:13 - 2013-08-27 02:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-27 16:13 - 2013-08-01 06:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-27 16:13 - 2013-05-12 23:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-05-27 16:13 - 2013-05-12 23:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-05-27 16:13 - 2013-05-12 23:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-05-27 16:13 - 2013-05-12 23:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-05-27 16:13 - 2013-05-12 22:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-27 16:13 - 2013-05-12 22:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-05-27 16:13 - 2013-05-12 22:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-05-27 16:13 - 2013-05-12 21:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-05-27 16:13 - 2013-05-12 21:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-05-27 16:13 - 2013-05-12 21:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-05-27 16:13 - 2013-04-10 00:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-27 16:13 - 2011-02-03 05:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-05-27 15:51 - 2013-05-09 23:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-05-27 15:51 - 2013-05-09 23:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-05-27 15:51 - 2013-05-09 22:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-05-27 15:51 - 2013-05-09 22:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-05-27 15:37 - 2014-05-27 15:37 - 00271840 _____ () C:\Windows\Minidump\052714-28236-01.dmp
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieUserList
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieSiteList
2014-05-27 14:19 - 2014-05-27 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-27 14:08 - 2014-05-27 14:08 - 00002916 _____ () C:\Users\Mark \Desktop\RKreport[0]_S_05272014_140830.txt
2014-05-27 14:01 - 2014-05-27 14:58 - 00000000 ____D () C:\Users\Mark \Desktop\RK_Quarantine
2014-05-27 12:57 - 2014-05-27 13:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-27 12:27 - 2014-05-27 20:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-27 00:13 - 2014-01-27 20:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-27 00:13 - 2013-10-29 20:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-05-27 00:13 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-05-27 00:13 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-05-27 00:13 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-05-27 00:13 - 2013-03-18 23:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-05-26 23:24 - 2014-05-27 22:52 - 00000000 ____D () C:\Users\Mark \AppData\Local\CrashDumps
2014-05-26 23:19 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-26 23:19 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-26 23:19 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-26 23:19 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-26 23:19 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-26 23:19 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-05-26 23:12 - 2014-03-07 22:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-26 23:12 - 2014-03-07 22:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-26 23:12 - 2014-03-07 21:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-26 23:12 - 2014-03-07 21:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-26 23:12 - 2014-03-07 21:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-26 23:12 - 2014-03-07 21:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-26 23:12 - 2014-03-07 21:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-26 23:12 - 2014-03-07 21:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-26 23:12 - 2014-03-07 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-26 23:12 - 2014-03-07 21:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-26 23:12 - 2014-03-07 21:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-26 23:12 - 2014-03-07 21:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-26 23:12 - 2014-03-07 21:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-26 23:12 - 2014-03-07 21:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-26 23:12 - 2014-03-07 21:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-26 23:12 - 2014-03-07 21:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-26 23:12 - 2014-03-07 17:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-26 23:12 - 2014-03-07 17:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-26 23:12 - 2014-03-07 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-26 23:12 - 2014-03-07 17:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-26 23:12 - 2014-03-07 17:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-26 23:12 - 2014-03-07 17:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-26 23:12 - 2014-03-07 17:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-26 23:12 - 2014-03-07 16:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-26 23:12 - 2014-03-07 16:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-26 23:12 - 2014-03-07 16:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-26 23:12 - 2014-03-07 16:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-26 23:12 - 2014-03-07 16:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-26 23:12 - 2014-03-07 16:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-26 23:12 - 2014-03-07 16:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-26 23:12 - 2014-03-07 16:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-26 23:12 - 2014-03-07 16:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-26 23:10 - 2014-05-26 23:11 - 00263264 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-05-26 22:18 - 2014-05-26 23:28 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 22:16 - 2014-05-27 17:20 - 00000000 ____D () C:\Users\Mark \Desktop\mbar
2014-05-26 22:16 - 2014-05-26 23:28 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 22:12 - 2014-05-26 22:12 - 03972608 _____ () C:\Users\Mark \Desktop\RogueKiller.exe
2014-05-26 22:10 - 2014-05-26 22:10 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark \Desktop\mbar-1.07.0.1009.exe
2014-05-26 21:53 - 2014-05-26 21:53 - 01016261 _____ (Thisisu) C:\Users\Mark \Desktop\JRT.exe
2014-05-26 20:05 - 2014-05-27 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-26 19:41 - 2014-05-27 17:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-26 19:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-26 19:25 - 2014-05-26 19:25 - 01327971 _____ () C:\Users\Mark \Desktop\adwcleaner_3.211.exe
2014-05-12 13:41 - 2014-05-12 14:44 - 00000000 ____D () C:\Users\Mark \Desktop\JA
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Program Files\Realtek
2014-05-02 19:19 - 2014-05-02 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-02 19:19 - 2013-11-05 19:47 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-02 19:19 - 2013-11-05 15:48 - 00681905 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-02 19:19 - 2013-11-04 19:26 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-02 19:19 - 2013-11-04 11:11 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-02 19:19 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-02 19:19 - 2013-10-18 16:41 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-05-02 19:19 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-05-02 19:19 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-05-02 19:19 - 2013-10-09 20:12 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-05-02 19:19 - 2013-10-09 20:12 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-05-02 19:19 - 2013-10-09 20:12 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-05-02 19:19 - 2013-10-07 11:05 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-05-02 19:19 - 2013-10-02 17:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-02 19:19 - 2013-09-26 21:40 - 01993496 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2014-05-02 19:19 - 2013-09-26 21:40 - 01722648 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2014-05-02 19:19 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-02 19:19 - 2013-07-30 14:04 - 00397080 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-05-02 19:19 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-05-02 19:19 - 2013-01-11 16:27 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2014-05-02 19:19 - 2013-01-11 16:27 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2014-05-02 19:19 - 2012-06-08 16:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2014-05-02 19:19 - 2012-06-08 16:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2014-05-02 19:19 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-05-02 19:19 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-05-02 19:19 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-05-02 19:19 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-05-02 19:19 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-05-02 19:18 - 2013-09-13 18:44 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-04-29 13:58 - 2014-04-29 13:58 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-04-29 13:57 - 2014-04-29 13:57 - 00003350 _____ () C:\Windows\System32\Tasks\{FCFCEC91-E1CA-4561-89C0-FDE24A04735C}
2014-04-29 13:30 - 2014-04-30 18:45 - 00000000 ____D () C:\Users\Mark \AppData\Local\ArmA 2 OA
2014-04-29 13:12 - 2014-04-29 14:19 - 00000000 ____D () C:\Users\Mark \Documents\ArmA 2
2014-04-29 13:12 - 2014-04-29 13:30 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-04-29 13:12 - 2014-04-29 13:13 - 00000000 ____D () C:\Users\Mark \AppData\Local\ArmA 2
2014-04-29 13:12 - 2014-04-29 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-04-29 02:50 - 2014-04-29 02:50 - 00000000 ____D () C:\Users\Mark \Documents\TacticalIntervention

==================== One Month Modified Files and Folders =======

2014-05-27 23:16 - 2014-05-27 23:16 - 00039283 _____ () C:\Users\Mark \Desktop\FRST.txt
2014-05-27 23:16 - 2014-05-27 23:16 - 00000000 ____D () C:\FRST
2014-05-27 23:14 - 2014-05-27 23:14 - 02066944 _____ (Farbar) C:\Users\Mark \Desktop\FRST64.exe
2014-05-27 23:06 - 2009-07-13 23:13 - 00726270 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 22:56 - 2011-09-27 10:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-27 22:54 - 2011-09-08 18:17 - 01506283 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 22:52 - 2014-05-26 23:24 - 00000000 ____D () C:\Users\Mark \AppData\Local\CrashDumps
2014-05-27 22:52 - 2013-12-16 18:05 - 00000000 ____D () C:\Users\Mark \AppData\Local\PMB Files
2014-05-27 22:52 - 2013-12-16 18:05 - 00000000 ____D () C:\ProgramData\PMB Files
2014-05-27 22:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At94.job
2014-05-27 22:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At93.job
2014-05-27 22:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At46.job
2014-05-27 22:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At45.job
2014-05-27 22:47 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 22:47 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 22:39 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 22:39 - 2009-07-13 22:51 - 00127951 _____ () C:\Windows\setupact.log
2014-05-27 22:38 - 2011-09-08 19:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-27 22:37 - 2013-11-09 17:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-05-27 22:35 - 2011-09-10 02:19 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Skype
2014-05-27 22:23 - 2012-03-31 13:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 20:39 - 2014-05-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-27 20:39 - 2014-05-27 12:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-27 20:39 - 2011-10-01 12:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-27 17:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At84.job
2014-05-27 17:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At83.job
2014-05-27 17:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At36.job
2014-05-27 17:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At35.job
2014-05-27 17:21 - 2009-07-14 01:45 - 00000000 ____D () C:\Windows\ShellNew
2014-05-27 17:21 - 2009-07-14 01:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-27 17:21 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-27 17:21 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-27 17:21 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-27 17:21 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-27 17:21 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-27 17:20 - 2014-05-26 22:16 - 00000000 ____D () C:\Users\Mark \Desktop\mbar
2014-05-27 17:20 - 2014-05-26 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-27 17:20 - 2013-12-16 21:59 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-05-27 17:20 - 2013-12-16 21:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-05-27 17:20 - 2013-08-25 20:39 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\FLEXnet
2014-05-27 17:20 - 2012-05-11 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-27 17:20 - 2011-11-28 21:27 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Ventrilo
2014-05-27 17:20 - 2011-09-10 02:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-27 17:20 - 2011-09-08 18:18 - 00000000 ___RD () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 17:20 - 2011-09-08 18:18 - 00000000 ___RD () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\servicing
2014-05-27 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-27 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-27 17:19 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2014-05-27 17:12 - 2014-05-26 19:41 - 00000000 ____D () C:\Windows\ERUNT
2014-05-27 17:10 - 2011-09-10 02:19 - 00000000 ____D () C:\ProgramData\Skype
2014-05-27 16:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At82.job
2014-05-27 16:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At81.job
2014-05-27 16:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At34.job
2014-05-27 16:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At33.job
2014-05-27 16:09 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-27 15:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At80.job
2014-05-27 15:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At79.job
2014-05-27 15:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At32.job
2014-05-27 15:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At31.job
2014-05-27 15:38 - 2011-09-08 18:28 - 00087360 _____ () C:\Users\Mark \AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 15:37 - 2014-05-27 15:37 - 00271840 _____ () C:\Windows\Minidump\052714-28236-01.dmp
2014-05-27 15:37 - 2011-11-10 03:32 - 241784196 _____ () C:\Windows\MEMORY.DMP
2014-05-27 15:37 - 2011-11-10 03:32 - 00000000 ____D () C:\Windows\Minidump
2014-05-27 15:37 - 2011-09-08 18:17 - 00000000 ____D () C:\Users\Mark
2014-05-27 14:58 - 2014-05-27 14:01 - 00000000 ____D () C:\Users\Mark \Desktop\RK_Quarantine
2014-05-27 14:57 - 2014-05-27 14:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieUserList
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieSiteList
2014-05-27 14:12 - 2013-10-02 21:18 - 00000000 ____D () C:\AdwCleaner
2014-05-27 14:08 - 2014-05-27 14:08 - 00002916 _____ () C:\Users\Mark \Desktop\RKreport[0]_S_05272014_140830.txt
2014-05-27 13:03 - 2014-05-27 12:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-27 00:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At47.job
2014-05-26 23:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At96.job
2014-05-26 23:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At95.job
2014-05-26 23:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At48.job
2014-05-26 23:28 - 2014-05-26 22:18 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-26 23:28 - 2014-05-26 22:16 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 23:11 - 2014-05-26 23:10 - 00263264 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-05-26 22:12 - 2014-05-26 22:12 - 03972608 _____ () C:\Users\Mark \Desktop\RogueKiller.exe
2014-05-26 22:10 - 2014-05-26 22:10 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark \Desktop\mbar-1.07.0.1009.exe
2014-05-26 21:53 - 2014-05-26 21:53 - 01016261 _____ (Thisisu) C:\Users\Mark \Desktop\JRT.exe
2014-05-26 21:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At92.job
2014-05-26 21:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At91.job
2014-05-26 21:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At44.job
2014-05-26 21:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At43.job
2014-05-26 21:10 - 2011-09-08 19:26 - 00090580 _____ () C:\Windows\PFRO.log
2014-05-26 20:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At90.job
2014-05-26 20:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At89.job
2014-05-26 20:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At42.job
2014-05-26 20:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At41.job
2014-05-26 19:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At88.job
2014-05-26 19:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At87.job
2014-05-26 19:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At40.job
2014-05-26 19:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At39.job
2014-05-26 19:25 - 2014-05-26 19:25 - 01327971 _____ () C:\Users\Mark \Desktop\adwcleaner_3.211.exe
2014-05-26 18:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At86.job
2014-05-26 18:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At85.job
2014-05-26 18:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At38.job
2014-05-26 18:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At37.job
2014-05-22 13:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At76.job
2014-05-22 13:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At75.job
2014-05-22 13:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At28.job
2014-05-22 13:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At27.job
2014-05-22 12:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At74.job
2014-05-22 12:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At73.job
2014-05-22 12:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At26.job
2014-05-22 12:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At25.job
2014-05-22 02:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At54.job
2014-05-22 02:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At53.job
2014-05-22 02:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At6.job
2014-05-22 02:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At5.job
2014-05-22 01:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At52.job
2014-05-22 01:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At51.job
2014-05-22 01:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At4.job
2014-05-22 01:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At3.job
2014-05-22 00:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At50.job
2014-05-22 00:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At49.job
2014-05-22 00:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At2.job
2014-05-22 00:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At1.job
2014-05-21 14:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At78.job
2014-05-21 14:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At77.job
2014-05-21 14:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At30.job
2014-05-21 14:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At29.job
2014-05-21 12:16 - 2013-12-16 21:16 - 00000448 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Mark ).job
2014-05-21 11:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At72.job
2014-05-21 11:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At71.job
2014-05-21 11:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At24.job
2014-05-21 11:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At23.job
2014-05-14 03:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At56.job
2014-05-14 03:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At55.job
2014-05-14 03:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At8.job
2014-05-14 03:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At7.job
2014-05-13 13:23 - 2012-03-31 13:45 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 13:23 - 2012-03-31 13:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 13:23 - 2011-09-08 18:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 14:44 - 2014-05-12 13:41 - 00000000 ____D () C:\Users\Mark \Desktop\JA
2014-05-12 02:52 - 2011-11-05 18:04 - 00209660 _____ () C:\Windows\DirectX.log
2014-05-10 10:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At70.job
2014-05-10 10:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At69.job
2014-05-10 10:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At22.job
2014-05-10 10:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At21.job
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Program Files\Realtek
2014-05-02 19:19 - 2014-05-02 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-02 19:19 - 2012-01-17 18:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-01 04:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At58.job
2014-05-01 04:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At57.job
2014-05-01 04:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At10.job
2014-05-01 04:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At9.job
2014-04-30 18:45 - 2014-04-29 13:30 - 00000000 ____D () C:\Users\Mark \AppData\Local\ArmA 2 OA
2014-04-29 14:19 - 2014-04-29 13:12 - 00000000 ____D () C:\Users\Mark \Documents\ArmA 2
2014-04-29 13:58 - 2014-04-29 13:58 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-04-29 13:57 - 2014-04-29 13:57 - 00003350 _____ () C:\Windows\System32\Tasks\{FCFCEC91-E1CA-4561-89C0-FDE24A04735C}
2014-04-29 13:30 - 2014-04-29 13:12 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-04-29 13:13 - 2014-04-29 13:12 - 00000000 ____D () C:\Users\Mark \AppData\Local\ArmA 2
2014-04-29 13:12 - 2014-04-29 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-04-29 02:50 - 2014-04-29 02:50 - 00000000 ____D () C:\Users\Mark \Documents\TacticalIntervention
2014-04-27 17:22 - 2011-09-10 01:58 - 00000000 ____D () C:\Users\Mark \Documents\School

Files to move or delete:
====================
C:\ProgramData\24vFdkY3.dat
C:\ProgramData\xjfbnodlc.odd
C:\Users\Mark \jagex_cl_oldschool_LIVE.dat
C:\Users\Mark \jagex_cl_runescape_LIVE.dat
C:\Users\Mark \jagex_cl_runescape_LIVE1.dat
C:\Users\Mark \random.dat
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At10.job
C:\Windows\Tasks\At11.job
C:\Windows\Tasks\At12.job
C:\Windows\Tasks\At13.job
C:\Windows\Tasks\At14.job
C:\Windows\Tasks\At15.job
C:\Windows\Tasks\At16.job
C:\Windows\Tasks\At17.job
C:\Windows\Tasks\At18.job
C:\Windows\Tasks\At19.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At20.job
C:\Windows\Tasks\At21.job
C:\Windows\Tasks\At22.job
C:\Windows\Tasks\At23.job
C:\Windows\Tasks\At24.job
C:\Windows\Tasks\At25.job
C:\Windows\Tasks\At26.job
C:\Windows\Tasks\At27.job
C:\Windows\Tasks\At28.job
C:\Windows\Tasks\At29.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At30.job
C:\Windows\Tasks\At31.job
C:\Windows\Tasks\At32.job
C:\Windows\Tasks\At33.job
C:\Windows\Tasks\At34.job
C:\Windows\Tasks\At35.job
C:\Windows\Tasks\At36.job
C:\Windows\Tasks\At37.job
C:\Windows\Tasks\At38.job
C:\Windows\Tasks\At39.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At40.job
C:\Windows\Tasks\At41.job
C:\Windows\Tasks\At42.job
C:\Windows\Tasks\At43.job
C:\Windows\Tasks\At44.job
C:\Windows\Tasks\At45.job
C:\Windows\Tasks\At46.job
C:\Windows\Tasks\At47.job
C:\Windows\Tasks\At48.job
C:\Windows\Tasks\At49.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At50.job
C:\Windows\Tasks\At51.job
C:\Windows\Tasks\At52.job
C:\Windows\Tasks\At53.job
C:\Windows\Tasks\At54.job
C:\Windows\Tasks\At55.job
C:\Windows\Tasks\At56.job
C:\Windows\Tasks\At57.job
C:\Windows\Tasks\At58.job
C:\Windows\Tasks\At59.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At60.job
C:\Windows\Tasks\At61.job
C:\Windows\Tasks\At62.job
C:\Windows\Tasks\At63.job
C:\Windows\Tasks\At64.job
C:\Windows\Tasks\At65.job
C:\Windows\Tasks\At66.job
C:\Windows\Tasks\At67.job
C:\Windows\Tasks\At68.job
C:\Windows\Tasks\At69.job
C:\Windows\Tasks\At7.job
C:\Windows\Tasks\At70.job
C:\Windows\Tasks\At71.job
C:\Windows\Tasks\At72.job
C:\Windows\Tasks\At73.job
C:\Windows\Tasks\At74.job
C:\Windows\Tasks\At75.job
C:\Windows\Tasks\At76.job
C:\Windows\Tasks\At77.job
C:\Windows\Tasks\At78.job
C:\Windows\Tasks\At79.job
C:\Windows\Tasks\At8.job
C:\Windows\Tasks\At80.job
C:\Windows\Tasks\At81.job
C:\Windows\Tasks\At82.job
C:\Windows\Tasks\At83.job
C:\Windows\Tasks\At84.job
C:\Windows\Tasks\At85.job
C:\Windows\Tasks\At86.job
C:\Windows\Tasks\At87.job
C:\Windows\Tasks\At88.job
C:\Windows\Tasks\At89.job
C:\Windows\Tasks\At9.job
C:\Windows\Tasks\At90.job
C:\Windows\Tasks\At91.job
C:\Windows\Tasks\At92.job
C:\Windows\Tasks\At93.job
C:\Windows\Tasks\At94.job
C:\Windows\Tasks\At95.job
C:\Windows\Tasks\At96.job

Some content of TEMP:
====================
C:\Users\Mark \AppData\Local\Temp\0905.dll
C:\Users\Mark \AppData\Local\Temp\11-9_vista64_win7_64_dd_ccc_ocl.exe
C:\Users\Mark \AppData\Local\Temp\2jfuweif.exe
C:\Users\Mark \AppData\Local\Temp\fad3134439b1327d0721db6f5e25b3ca.dll
C:\Users\Mark \AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Mark \AppData\Local\Temp\installerdll21427220.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21631254.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21777833.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21778971.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21785040.dll
C:\Users\Mark \AppData\Local\Temp\installerdll22187008.dll
C:\Users\Mark \AppData\Local\Temp\installerdll30077881.dll
C:\Users\Mark \AppData\Local\Temp\installerdll30078833.dll
C:\Users\Mark \AppData\Local\Temp\installerdll30085026.dll
C:\Users\Mark \AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Mark \AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Mark \AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Mark \AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Mark \AppData\Local\Temp\ntdll_dump.dll
C:\Users\Mark \AppData\Local\Temp\OriginLauncher21777833.exe
C:\Users\Mark \AppData\Local\Temp\OriginLauncher30077881.exe
C:\Users\Mark \AppData\Local\Temp\rootsupd.exe
C:\Users\Mark \AppData\Local\Temp\Setup.exe
C:\Users\Mark \AppData\Local\Temp\sonarinst.exe
C:\Users\Mark \AppData\Local\Temp\SRLDetectionLibrary8476160233330623433.dll
C:\Users\Mark \AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Mark \AppData\Local\Temp\tbBitT.dll
C:\Users\Mark \AppData\Local\Temp\tbuTo0.dll
C:\Users\Mark \AppData\Local\Temp\tbuTor.dll
C:\Users\Mark \AppData\Local\Temp\tbWhit.dll
C:\Users\Mark \AppData\Local\Temp\tmp1479.exe
C:\Users\Mark \AppData\Local\Temp\tmp1534.exe
C:\Users\Mark \AppData\Local\Temp\tmp3DDA.exe
C:\Users\Mark \AppData\Local\Temp\tmp44BC.exe
C:\Users\Mark \AppData\Local\Temp\tmp5B58.exe
C:\Users\Mark \AppData\Local\Temp\tmp785A.exe
C:\Users\Mark \AppData\Local\Temp\tmpB6C0.exe
C:\Users\Mark \AppData\Local\Temp\tmpC09F.exe
C:\Users\Mark \AppData\Local\Temp\tmpD98D.exe
C:\Users\Mark \AppData\Local\Temp\tmpF6A.exe
C:\Users\Mark \AppData\Local\Temp\tmpFF54.exe
C:\Users\Mark \AppData\Local\Temp\utildel.exe
C:\Users\Mark \AppData\Local\Temp\vcredist_x64.exe
C:\Users\Mark \AppData\Local\Temp\vcredist_x86.exe
C:\Users\Mark \AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Mark \AppData\Local\Temp\_is5BED.exe
C:\Users\Mark \AppData\Local\Temp\_isD503.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2014-05-19 17:07

==================== End Of Log ============================


Post was too long to post both logs.

Log of Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Mark  at 2014-05-27 23:17:29
Running from C:\Users\Mark \Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.0.0 - )
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{982E1601-0DFC-4FD3-A427-AC6570697858}) (Version: 12.55.03 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) Hidden
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
EpicBot (HKLM-x32\...\EpicBot) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
GunBound Thor's Hammer version 611 (HKLM-x32\...\{DC7D07C7-87FD-4E47-B3AA-BB1BC7550DC1}_is1) (Version: 611 - Softnyx)
GunboundIS (HKLM-x32\...\GunboundIS_is1) (Version:  - Softnyx co.,ltd.)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
iTunes (HKLM\...\{37D0157F-45C6-4DB2-9AE5-489DD98CE169}) (Version: 11.1.2.31 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Java 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000FF}) (Version: 7.0.0 - Oracle)
Java SE Development Kit 6 Update 26 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
Java SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
JNLP (HKCU\...\JNLP) (Version:  - JNLP)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Access 2010 (HKLM-x32\...\Office14.AccessR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MilitaryGame App (HKCU\...\MilitaryGame App) (Version:  - Sun Microsystems, Inc.)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rarebot (HKLM-x32\...\Rarebot) (Version: 1.0.1.4 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.40 - Piriform)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Secure Download Manager (HKLM-x32\...\{704B1EDC-F99C-43C1-894A-75C7CE0BC372}) (Version: 3.1.30 - Kivuto Solutions Inc.)
Skype™ 5.8 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
SMART Regression (HKLM-x32\...\{3CDEE92B-EF77-4808-AC15-F214DFA5C2FD}_is1) (Version: 3.0f - )
Soldier Front 2 (HKLM-x32\...\Steam App 239660) (Version:  - Dragonfly)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars - Jedi Knight II: Jedi Outcast (HKLM-x32\...\Steam App 6030) (Version:  - Raven Software)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version:  - Raven Software)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tactical Intervention (HKLM-x32\...\Steam App 51100) (Version:  - FIX Games)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Game Studios®)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{15058154-469F-4794-ACD5-94F8420F9B80}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{995A7832-B512-46D5-87C9-2D71FB541435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C06ABC7E-8923-4BB1-A7A2-197F5A3E0973}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.AccessR_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PRJPROR_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{06ABCB4E-77D8-4420-B2EA-EF51558DBFD1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{06ABCB4E-77D8-4420-B2EA-EF51558DBFD1}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_SharePointDesigner_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{3613AECC-1454-4DDD-AC36-C42DC16D6DEE}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3613AECC-1454-4DDD-AC36-C42DC16D6DEE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{5EBDE1DE-3B28-4134-AB00-85CFF2B4F94D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38990592-F6A1-4A26-96C7-0600E36AE794}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.0.5.16135 - Blizzard Entertainment)

==================== Restore Points  =========================

27-05-2014 20:43:00 Restore Operation
27-05-2014 21:42:12 Windows Update
28-05-2014 00:24:34 Windows Update
28-05-2014 02:36:56 Windows Update
28-05-2014 04:35:40 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {00148E67-D695-4FA4-A14E-5621C0D39A36} - System32\Tasks\At73 => C:\Windows\Fonts\4ntwY.com
Task: {0068C118-8506-47AD-B664-948D5685F2B4} - System32\Tasks\At83 => C:\Windows\Fonts\4ntwY.com
Task: {00E3E347-7DD4-4C3C-B7C4-4E739CF3F47D} - System32\Tasks\At72 => C:\Windows\Fonts\4ntwY.com
Task: {05AF0D9C-FD46-4191-8D8C-32056D348B70} - System32\Tasks\At20 => C:\Windows\Fonts\4ntwY.com
Task: {0611D24E-F947-484C-AD7B-53C70C2DD826} - System32\Tasks\At13 => C:\Windows\Fonts\4ntwY.com
Task: {09898EBA-4F4E-46B6-910F-BC368C2DDE6C} - System32\Tasks\At15 => C:\Windows\Fonts\4ntwY.com
Task: {0C801192-1070-4AE7-843E-AC796900CD42} - System32\Tasks\At11 => C:\Windows\Fonts\4ntwY.com
Task: {0EDE9D94-E682-4085-9294-F82F2549B0C6} - System32\Tasks\At84 => C:\Windows\Fonts\4ntwY.com
Task: {0F09B2DD-FD92-474D-8ADC-4B6927B0AF79} - System32\Tasks\At79 => C:\Windows\Fonts\4ntwY.com
Task: {1047434F-C0C4-4E89-87B3-00544BE6CB92} - System32\Tasks\At88 => C:\Windows\Fonts\4ntwY.com
Task: {1212BE62-9DA4-47A6-8133-3B2036274F38} - System32\Tasks\At21 => C:\Windows\Fonts\4ntwY.com
Task: {12B57C9B-8549-42C5-93B4-BA3ACF3A356C} - System32\Tasks\At5 => C:\Windows\Fonts\4ntwY.com
Task: {1B472F7C-A815-40F6-8018-1D8B5197C0B5} - System32\Tasks\At37 => C:\Windows\Fonts\4ntwY.com
Task: {1B7A2F6C-EDE2-4B02-A09F-018FC400619A} - System32\Tasks\At24 => C:\Windows\Fonts\4ntwY.com
Task: {1DA192B0-5A3B-4ECC-B8D4-9A80F4F8B04F} - System32\Tasks\At65 => C:\Windows\Fonts\4ntwY.com
Task: {1E2C903A-F9A3-48C1-BAD9-72BF1FBAF3EE} - System32\Tasks\At28 => C:\Windows\Fonts\4ntwY.com
Task: {25C0B77F-0756-40D8-8554-69544533EF72} - System32\Tasks\At92 => C:\Windows\Fonts\4ntwY.com
Task: {25FB7673-D635-48E1-9DDC-85F879149F32} - System32\Tasks\At95 => C:\Windows\Fonts\4ntwY.com
Task: {26EC2C93-2373-4198-B69F-265C37E9B0F2} - System32\Tasks\At86 => C:\Windows\Fonts\4ntwY.com
Task: {27BEAE63-CE76-4727-8C29-F9E09851C99D} - System32\Tasks\At23 => C:\Windows\Fonts\4ntwY.com
Task: {27DF045A-F34D-477B-9309-C9B76E6FEFA5} - System32\Tasks\At49 => C:\Windows\Fonts\4ntwY.com
Task: {2B095888-0FAC-4705-8D37-2979F8B9F42B} - System32\Tasks\At89 => C:\Windows\Fonts\4ntwY.com
Task: {2C1F594E-5589-435C-8774-E8B5DCE8BDB2} - System32\Tasks\At2 => C:\Windows\Fonts\4ntwY.com
Task: {2D67382F-97DD-4A2A-8E13-68416B1296FC} - System32\Tasks\At58 => C:\Windows\Fonts\4ntwY.com
Task: {2E12FE2B-BFE6-44EA-BAAA-83ED108641A2} - System32\Tasks\At85 => C:\Windows\Fonts\4ntwY.com
Task: {2F89FD25-0A9B-437D-8636-5AFFF5068603} - System32\Tasks\At55 => C:\Windows\Fonts\4ntwY.com
Task: {34F7FCBA-2008-46E1-BC56-FB9C481788D2} - System32\Tasks\At54 => C:\Windows\Fonts\4ntwY.com
Task: {36D80F1A-EDF8-487C-929C-7011EAE902BD} - System32\Tasks\At32 => C:\Windows\Fonts\4ntwY.com
Task: {3DE5B824-46A0-4E76-BD08-20313B215314} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {45BB495A-C6E7-4739-8F30-CB021E54C64D} - System32\Tasks\At64 => C:\Windows\Fonts\4ntwY.com
Task: {4CD3F75D-5803-4289-AB69-4DF202F54C61} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Mark ) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {503EC3F6-84B7-4684-B95B-54FB0761DB26} - System32\Tasks\At16 => C:\Windows\Fonts\4ntwY.com
Task: {508D7A98-E744-4766-94A5-A71DCF382F7B} - System32\Tasks\At36 => C:\Windows\Fonts\4ntwY.com
Task: {56C3E832-6FF5-4A2F-9F1A-B2E65500A5A0} - System32\Tasks\At50 => C:\Windows\Fonts\4ntwY.com
Task: {5739F682-B9D9-4DB5-8229-6BFDCCB6DE3B} - System32\Tasks\At69 => C:\Windows\Fonts\4ntwY.com
Task: {59C18219-2F3E-490F-8F76-06C289400211} - System32\Tasks\At76 => C:\Windows\Fonts\4ntwY.com
Task: {63889729-2B20-4AF8-90D9-56864CE94C85} - System32\Tasks\At96 => C:\Windows\Fonts\4ntwY.com
Task: {66119B6C-BDFB-4C11-960E-19430F8B6CAE} - System32\Tasks\At46 => C:\Windows\Fonts\4ntwY.com
Task: {692041A4-1FDD-4893-ABA1-91A0EB1803AE} - System32\Tasks\At35 => C:\Windows\Fonts\4ntwY.com
Task: {6EFD3F80-074D-4FB1-911E-D749EC2FA0B4} - System32\Tasks\At7 => C:\Windows\Fonts\4ntwY.com
Task: {713C9F9E-5E40-4D69-A8FD-B08BE3493AA8} - System32\Tasks\At52 => C:\Windows\Fonts\4ntwY.com
Task: {745421A6-ADA6-4BCC-87C0-075468CCC2FC} - System32\Tasks\At44 => C:\Windows\Fonts\4ntwY.com
Task: {799FC718-2CDC-42FA-B51E-DE64140614C8} - System32\Tasks\At27 => C:\Windows\Fonts\4ntwY.com
Task: {7FB999B4-9B01-4FEE-A0AF-CB858B50891D} - System32\Tasks\At33 => C:\Windows\Fonts\4ntwY.com
Task: {821D2ECD-E5BC-476F-98B0-B1A1A55C18E2} - System32\Tasks\At81 => C:\Windows\Fonts\4ntwY.com
Task: {8222D9D6-9421-4EBB-8579-FE55753C32AB} - System32\Tasks\At41 => C:\Windows\Fonts\4ntwY.com
Task: {8449E351-5B89-432B-BBBD-373D0DAA110B} - System32\Tasks\At87 => C:\Windows\Fonts\4ntwY.com
Task: {84660D24-C60D-4F78-A0FE-102935DF4196} - System32\Tasks\At29 => C:\Windows\Fonts\4ntwY.com
Task: {889ACD28-97EA-464A-9A49-DB993035A6B4} - System32\Tasks\At60 => C:\Windows\Fonts\4ntwY.com
Task: {89009872-81AC-4D6B-A513-062F36DEBB05} - System32\Tasks\At48 => C:\Windows\Fonts\4ntwY.com
Task: {8AF30C91-E76A-4495-A686-2E8B2B31C715} - System32\Tasks\At71 => C:\Windows\Fonts\4ntwY.com
Task: {8C0533F7-9E2D-4D6C-BD9D-0840AD191BC6} - System32\Tasks\At25 => C:\Windows\Fonts\4ntwY.com
Task: {8DFCB707-A461-4FB3-92D8-334A6AAD378E} - System32\Tasks\At38 => C:\Windows\Fonts\4ntwY.com
Task: {8DFD2BA1-ED00-491A-8D6E-044B66843936} - System32\Tasks\At31 => C:\Windows\Fonts\4ntwY.com
Task: {8EADB373-1FD4-4993-B262-6072BDDF74F7} - System32\Tasks\At8 => C:\Windows\Fonts\4ntwY.com
Task: {8F89B943-A927-48B6-B602-F43045077CE8} - System32\Tasks\At82 => C:\Windows\Fonts\4ntwY.com
Task: {914FD295-FE0F-4A78-BD7A-A0EBF884E782} - System32\Tasks\At40 => C:\Windows\Fonts\4ntwY.com
Task: {92555A58-A252-49BB-9A52-57C034AADE58} - System32\Tasks\At6 => C:\Windows\Fonts\4ntwY.com
Task: {927BEB91-9ADF-4D76-B304-EFAACF3DC9A4} - System32\Tasks\{23EB6160-A297-4202-95D7-1E07AFBEB181} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-02-29] (Skype Technologies S.A.)
Task: {93EC4910-5CA0-4793-8AD7-737D2DF1AD7C} - System32\Tasks\At17 => C:\Windows\Fonts\4ntwY.com
Task: {9A5C70DF-DC30-45CB-90BE-F9E9A18E3C86} - System32\Tasks\At91 => C:\Windows\Fonts\4ntwY.com
Task: {9DF28953-449F-4C75-8BAE-02E709DEEA4A} - System32\Tasks\At62 => C:\Windows\Fonts\4ntwY.com
Task: {9F458DE7-5399-4C2F-BB94-F5DC494C0580} - System32\Tasks\At75 => C:\Windows\Fonts\4ntwY.com
Task: {A06AC41A-3360-4474-B95C-D41B917C94FE} - System32\Tasks\At66 => C:\Windows\Fonts\4ntwY.com
Task: {A5605AAD-FE7A-4C7C-8CA8-393AECBEE1BF} - System32\Tasks\At39 => C:\Windows\Fonts\4ntwY.com
Task: {A84CC3FE-26C6-43C0-A8E8-AEDA5A4697FA} - System32\Tasks\At70 => C:\Windows\Fonts\4ntwY.com
Task: {A861CC32-49BE-43FF-A6FB-0AEB93BBFD95} - System32\Tasks\At57 => C:\Windows\Fonts\4ntwY.com
Task: {AC7D7761-B91A-45DC-8785-EF152F53750E} - System32\Tasks\At42 => C:\Windows\Fonts\4ntwY.com
Task: {AC8008EC-C9D7-41C2-A888-9ECF27E0BED0} - System32\Tasks\At68 => C:\Windows\Fonts\4ntwY.com
Task: {ACBCDA33-A8CD-469D-9570-37F259C333E7} - System32\Tasks\At14 => C:\Windows\Fonts\4ntwY.com
Task: {ACD44DD3-CAD5-49D0-801D-07FCD9622B9C} - System32\Tasks\At51 => C:\Windows\Fonts\4ntwY.com
Task: {ADC75BA5-7C3B-4023-90E3-DBD29ADB3158} - System32\Tasks\At80 => C:\Windows\Fonts\4ntwY.com
Task: {B059676E-0F4E-488F-A189-D14B9849C579} - System32\Tasks\At10 => C:\Windows\Fonts\4ntwY.com
Task: {B6921AD7-C04D-467F-8387-E2EDB435F4B3} - System32\Tasks\At56 => C:\Windows\Fonts\4ntwY.com
Task: {B748457A-8C51-4857-9235-DBD2E1FD0DA3} - System32\Tasks\At59 => C:\Windows\Fonts\4ntwY.com
Task: {B89188E8-A8C8-4231-9BEF-C0211B4FE478} - System32\Tasks\At63 => C:\Windows\Fonts\4ntwY.com
Task: {BC8631F9-2784-4E9E-BCDF-B51EEFCC1161} - System32\Tasks\At22 => C:\Windows\Fonts\4ntwY.com
Task: {C19E7097-E56B-4564-95C6-AED4220B3953} - System32\Tasks\At12 => C:\Windows\Fonts\4ntwY.com
Task: {C5DEAEFE-1CD4-44CC-AD22-9D9775D5D6E6} - System32\Tasks\At78 => C:\Windows\Fonts\4ntwY.com
Task: {C61585FB-928B-45B4-948E-50AFE8B19E06} - System32\Tasks\At90 => C:\Windows\Fonts\4ntwY.com
Task: {C63FCA47-6DFD-4505-A361-90873599F335} - System32\Tasks\At61 => C:\Windows\Fonts\4ntwY.com
Task: {CA062124-AA19-41EC-B0FF-24CAC5076E43} - System32\Tasks\At77 => C:\Windows\Fonts\4ntwY.com
Task: {D0926103-5E5C-453F-8628-00190B9BD99A} - System32\Tasks\At30 => C:\Windows\Fonts\4ntwY.com
Task: {D37FB891-C254-4A6C-8EAB-AEF11089D57F} - System32\Tasks\At43 => C:\Windows\Fonts\4ntwY.com
Task: {D59EA3EF-DF78-4613-800D-9D5609F26B69} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\VooMuu\bin\1.0.36.0\VooMuuSA.exe <==== ATTENTION
Task: {D6BCFD2C-AE65-43B6-A573-1C589C0DD2E3} - System32\Tasks\At47 => C:\Windows\Fonts\4ntwY.com
Task: {D6CC03CA-104A-429E-B997-04E7E3FB13C1} - System32\Tasks\At93 => C:\Windows\Fonts\4ntwY.com
Task: {DE196585-261F-4F49-9D15-09C756A6489C} - System32\Tasks\At34 => C:\Windows\Fonts\4ntwY.com
Task: {DF48FB78-1EAA-4B92-A5CF-5B12A3E26305} - System32\Tasks\At9 => C:\Windows\Fonts\4ntwY.com
Task: {E0F11D57-3EE9-4E96-B466-9E7B057030ED} - System32\Tasks\At4 => C:\Windows\Fonts\4ntwY.com
Task: {E16D1D29-B58C-4CF2-B56F-6A9DC0303899} - System32\Tasks\At3 => C:\Windows\Fonts\4ntwY.com
Task: {E25120FC-2497-43EB-BA86-744EBEB33279} - System32\Tasks\At67 => C:\Windows\Fonts\4ntwY.com
Task: {E7D8BD75-705D-4E7F-841B-A9AA741C3037} - System32\Tasks\At18 => C:\Windows\Fonts\4ntwY.com
Task: {E9AEB303-8DF9-424D-9F30-BA0FFCC756B1} - System32\Tasks\At94 => C:\Windows\Fonts\4ntwY.com
Task: {EE2B56F7-B4A7-4324-ABFA-EB5D97F27826} - System32\Tasks\At45 => C:\Windows\Fonts\4ntwY.com
Task: {F219A3DE-5980-4A90-8C68-B4B6730D3B49} - System32\Tasks\At74 => C:\Windows\Fonts\4ntwY.com
Task: {F3E2A692-1C3B-4D94-B3C2-6C7B107C7DA4} - System32\Tasks\At19 => C:\Windows\Fonts\4ntwY.com
Task: {F45792EA-48BC-4473-8FAA-8C7C02598D6F} - System32\Tasks\At53 => C:\Windows\Fonts\4ntwY.com
Task: {FA6F888C-052B-4518-B228-4BFD3EA8B067} - System32\Tasks\At1 => C:\Windows\Fonts\4ntwY.com
Task: {FC171206-45E4-4F75-81BE-AD5CA744282F} - System32\Tasks\At26 => C:\Windows\Fonts\4ntwY.com
Task: {FDE0B119-EA08-47BD-B6EA-6D4210FF54AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => ?
Task: C:\Windows\Tasks\At10.job => ?
Task: C:\Windows\Tasks\At11.job => ?
Task: C:\Windows\Tasks\At12.job => ?
Task: C:\Windows\Tasks\At13.job => ?
Task: C:\Windows\Tasks\At14.job => ?
Task: C:\Windows\Tasks\At15.job => ?
Task: C:\Windows\Tasks\At16.job => ?
Task: C:\Windows\Tasks\At17.job => ?
Task: C:\Windows\Tasks\At18.job => ?
Task: C:\Windows\Tasks\At19.job => ?
Task: C:\Windows\Tasks\At2.job => ?
Task: C:\Windows\Tasks\At20.job => ?
Task: C:\Windows\Tasks\At21.job => ?
Task: C:\Windows\Tasks\At22.job => ?
Task: C:\Windows\Tasks\At23.job => ?
Task: C:\Windows\Tasks\At24.job => ?
Task: C:\Windows\Tasks\At25.job => ?
Task: C:\Windows\Tasks\At26.job => ?
Task: C:\Windows\Tasks\At27.job => ?
Task: C:\Windows\Tasks\At28.job => ?
Task: C:\Windows\Tasks\At29.job => ?
Task: C:\Windows\Tasks\At3.job => ?
Task: C:\Windows\Tasks\At30.job => ?
Task: C:\Windows\Tasks\At31.job => ?
Task: C:\Windows\Tasks\At32.job => ?
Task: C:\Windows\Tasks\At33.job => ?
Task: C:\Windows\Tasks\At34.job => ?
Task: C:\Windows\Tasks\At35.job => ?
Task: C:\Windows\Tasks\At36.job => ?
Task: C:\Windows\Tasks\At37.job => ?
Task: C:\Windows\Tasks\At38.job => ?
Task: C:\Windows\Tasks\At39.job => ?
Task: C:\Windows\Tasks\At4.job => ?
Task: C:\Windows\Tasks\At40.job => ?
Task: C:\Windows\Tasks\At41.job => ?
Task: C:\Windows\Tasks\At42.job => ?
Task: C:\Windows\Tasks\At43.job => ?
Task: C:\Windows\Tasks\At44.job => ?
Task: C:\Windows\Tasks\At45.job => ?
Task: C:\Windows\Tasks\At46.job => ?
Task: C:\Windows\Tasks\At47.job => ?
Task: C:\Windows\Tasks\At48.job => ?
Task: C:\Windows\Tasks\At49.job => ?
Task: C:\Windows\Tasks\At5.job => ?
Task: C:\Windows\Tasks\At50.job => ?
Task: C:\Windows\Tasks\At51.job => ?
Task: C:\Windows\Tasks\At52.job => ?
Task: C:\Windows\Tasks\At53.job => ?
Task: C:\Windows\Tasks\At54.job => ?
Task: C:\Windows\Tasks\At55.job => ?
Task: C:\Windows\Tasks\At56.job => ?
Task: C:\Windows\Tasks\At57.job => ?
Task: C:\Windows\Tasks\At58.job => ?
Task: C:\Windows\Tasks\At59.job => ?
Task: C:\Windows\Tasks\At6.job => ?
Task: C:\Windows\Tasks\At60.job => ?
Task: C:\Windows\Tasks\At61.job => ?
Task: C:\Windows\Tasks\At62.job => ?
Task: C:\Windows\Tasks\At63.job => ?
Task: C:\Windows\Tasks\At64.job => ?
Task: C:\Windows\Tasks\At65.job => ?
Task: C:\Windows\Tasks\At66.job => ?
Task: C:\Windows\Tasks\At67.job => ?
Task: C:\Windows\Tasks\At68.job => ?
Task: C:\Windows\Tasks\At69.job => ?
Task: C:\Windows\Tasks\At7.job => ?
Task: C:\Windows\Tasks\At70.job => ?
Task: C:\Windows\Tasks\At71.job => ?
Task: C:\Windows\Tasks\At72.job => ?
Task: C:\Windows\Tasks\At73.job => ?
Task: C:\Windows\Tasks\At74.job => ?
Task: C:\Windows\Tasks\At75.job => ?
Task: C:\Windows\Tasks\At76.job => ?
Task: C:\Windows\Tasks\At77.job => ?
Task: C:\Windows\Tasks\At78.job => ?
Task: C:\Windows\Tasks\At79.job => ?
Task: C:\Windows\Tasks\At8.job => ?
Task: C:\Windows\Tasks\At80.job => ?
Task: C:\Windows\Tasks\At81.job => ?
Task: C:\Windows\Tasks\At82.job => ?
Task: C:\Windows\Tasks\At83.job => ?
Task: C:\Windows\Tasks\At84.job => ?
Task: C:\Windows\Tasks\At85.job => ?
Task: C:\Windows\Tasks\At86.job => ?
Task: C:\Windows\Tasks\At87.job => ?
Task: C:\Windows\Tasks\At88.job => ?
Task: C:\Windows\Tasks\At89.job => ?
Task: C:\Windows\Tasks\At9.job => ?
Task: C:\Windows\Tasks\At90.job => ?
Task: C:\Windows\Tasks\At91.job => ?
Task: C:\Windows\Tasks\At92.job => ?
Task: C:\Windows\Tasks\At93.job => ?
Task: C:\Windows\Tasks\At94.job => ?
Task: C:\Windows\Tasks\At95.job => ?
Task: C:\Windows\Tasks\At96.job => ?
Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Mark ).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

==================== Loaded Modules (whitelisted) =============

2013-08-25 20:35 - 2005-04-21 22:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2012-12-19 16:32 - 2012-12-19 16:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-09-10 02:12 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-25 20:34 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-05-21 14:04 - 2014-04-29 18:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-22 17:26 - 2014-04-29 18:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 14:04 - 2014-04-29 18:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-07 22:49 - 2014-04-29 18:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-25 14:23 - 2014-05-16 19:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 14:04 - 2014-04-28 18:37 - 02198720 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-21 14:04 - 2014-04-28 18:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2011-09-27 10:55 - 2014-05-21 11:39 - 01145536 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2011-09-27 10:55 - 2014-05-01 17:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-05-08 23:48 - 2013-06-14 17:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-05-08 23:48 - 2013-06-14 17:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-05-08 23:48 - 2013-06-14 17:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/27/2014 10:52:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000024
Fault offset: 0x00000000000cd7d8
Faulting process id: 0x7d4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (05/27/2014 06:04:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16545, time stamp: 0x531a90a1
Faulting module name: Flash64_13_0_0_214.ocx, version: 13.0.0.214, time stamp: 0x5359ce87
Exception code: 0xc0000005
Fault offset: 0x00000000008aa1e2
Faulting process id: 0x1e94
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (05/27/2014 05:39:25 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0, Version=10.0.0.00000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80131506

Error: (05/27/2014 05:39:10 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: Microsoft.Office.Tools.Outlook.v9.0, Version=9.0.0.00000000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80131506

Error: (05/27/2014 05:39:03 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: Microsoft.Office.BusinessApplications.RuntimeUi, Version=14.0.0.0000000, Culture=neutral, PublicKeyToken=71E9BCE111E9429C . Error code = 0x80131506

Error: (05/27/2014 05:37:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: C:\Program Files (x86)\Microsoft Office\Office12\Microsoft.Web.Authoring.dll . Error code = 0x80131506

Error: (05/27/2014 05:30:09 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0, Version=10.0.0.00000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80131506

Error: (05/27/2014 05:29:49 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: Microsoft.Office.Tools.Outlook.v9.0, Version=9.0.0.00000000, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A . Error code = 0x80131506

Error: (05/27/2014 02:05:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000008
Fault offset: 0x00000000000cd7d8
Faulting process id: 0xb7c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (05/27/2014 01:11:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16545, time stamp: 0x531a90a1
Faulting module name: Flash64_13_0_0_214.ocx, version: 13.0.0.214, time stamp: 0x5359ce87
Exception code: 0xc0000005
Fault offset: 0x00000000002b7cc0
Faulting process id: 0x41ec
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

System errors:
=============
Error: (05/27/2014 10:44:46 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (05/27/2014 10:44:45 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (05/27/2014 10:44:44 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (05/27/2014 10:40:40 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/27/2014 10:40:40 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/27/2014 10:39:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/27/2014 10:39:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.2 service failed to start due to the following error:
%%2

Error: (05/27/2014 10:39:48 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/27/2014 10:39:44 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/27/2014 10:38:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070641: Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-07-04 02:46:17.811
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\e84d78.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-04 02:46:17.753
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\e84d78.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 6143.3 MB
Available physical RAM: 2938.79 MB
Total Pagefile: 12286.59 MB
Available Pagefile: 8305.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:635.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5E5E94D2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Hello Reflexes and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as µTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

When you are ready, please generate new fresh FRST log files and post them here.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Mark  (administrator) on MARK on 29-05-2014 12:58:01
Running from C:\Users\Mark \Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [3400438930] <binary data omitted>
HKLM\...\Policies\Explorer: [60270822] <binary data omitted>
HKLM\...\Policies\Explorer: [3212083974] <binary data omitted>
B204878BFF75879E1E373D9A1389653CA80710684806B09253A0D4D5B775F0DACFFBBE3501ACBE66348D1DBBC44493A8225814405A6A975528872E388A41CD26033092ABAC483BC426E1D6EE5AE048D459175E24A3F37E48C4B98934931E56332D4162971A009138DF2B13C8DF438D098533A8541CEB5AC545865FFC327DF082285A48BCDFD47777527177F2CF227C5E5328545C35DDA7FE20D99393B2133FF3476F3C059A7B27B25C08671FC0E8DB5D16C763CFE27A897ADA2D43FC5127BA628A09B17C595806BF0FEB05D408BA774D7CE025D55E486BE78F0D68AE076B7DA45BF02F8BE41BD21549A07357507F5185A5499814286AE060D7D64A6179A73557716A0EF2546B369C044018186F4055007469615E1EEFEA03529840E9D6745E82DAE8DC4708A7D7BB9D4DE579504D8D3BCF784797656AAB7ED9AB52C89871EA365A8706ACAFA093E272DC8A9032D47FF15E899437EF267DB2E0456CE974CC4151A879296D3F700D94637BB753C13D0D1BC9C0A3570B1E706C1EE63B92510FB39A4C10E749CB4045F612DB50EA8A1FE08C158D5415A0EC5B8B73E9CA98221CD481B313BEDB1BDB85295AA8B34A895BEB3B63F013C31BC4F191BCB7E773CE4C653EC84D54B6B9FF985848345B97D37E837E96D944A9890DB257D339F51A09674CF038D9E1E93FC06CDB7FB4B2DA0E93D6D9C6D2878B6387F06353ED017D9095BC652FDC965A00202B6ED28111D8EC1A057C4DEBC51C68FBB65AF9762DC78BFDFC22C53C5670AD97AB2858C49BE700CB82BB3E4F25CA268E6E95FB7AABD740BA536F5BB18470F512412CAA2D59466CD31F6002E9BE9A7BAF140E9906CA7DADD42110F40C4FD9760256B2198912AA6ECA53292181CDDC40FAE78436B7535711FBE0B3E560D90C85D7E1AF1C3685FF3404CB4992CDE7DA2251DB44189271FB2493F978A0B824FC2A46807F3FF7A0741EE2F93507ED9669D3CC0EC5D199E8321C27EEC7B24379432E0FA77E23AF5046AD115C859441E4FF10F7E84C62B22BDF3DC979B89F202F1AD959D74DC4FF55A9653CB16213E7F625811C83CAF773E6EC52BA4241B240600E4F091ED19BD2120BA5FC2D95A5A3AD6202C8D3CDEB9752F6DD0EB626D682BE34F5C86E163FF471EB75EA06500C0FD1C3CF4F5048B33E4D6CA694F810E2FAF1B35FD3D4B0ACA1CE1DB3E0C3A3C994B4914257359FCB3D974066E06DD14596B6FE10B2AD9455629D910B99E2BE083B23EB3EB31E7C7804B7425F19E4FD823A00FE001E02B5DD9987490E2BA86093D8AB59689B4597535EB56E09CF28D6973C7DCCB770378086817DDA3862D072AE483F6484CB719AE61FDBDEEA2ED3F366E73E85571EA082155E5D890991915ADF868F4683F7A699AEC4E02C6ADEAA2B9ACD55EE834914E3
67971AF291F584C8887DAB7FCAD218C0F367615C49357E84708E4D3EB829D7B8397B9FC7E34C5FC6DDBD593468445B85CD8CC998E59C6333E32BB343F32CF81F7D155A6A39470AD59886909BE51B12A322EC281A0F1E973028B65F69A7D4EB51EC5C27641C2447CEEC275A5AB85EE49C0F37E5F6A31CAEE8379DE6E41995A994DC0F2D4A2FAB6D9AA9E600B3DA82766E7406D3AD858626FD0E58A56772169D20E01E12A7B08860325FA7FCB41CE239F5FFED34956B3F5FE88E7D103C013ABE65D4BAA13BDC35F0CE321213600865C0D865BCE53004382B9EF8A5EBE5B10748AAD9EE942E49FE34D3618D27F0CE2D4EA2DC81E53B311DAA6DD69C667E87F9C93A3F44584E7CD80984F218EFF3AF792209A4BE4C33EC5982F5BBBC9C12B0F3D74BDB176879B50A456790C9A5C9B34D97AEECC2117A0BAC9E1B1D1171465D4692723BFC2ABF615908F654A9645FF41235CE391CD2C62D49CBA4B2CA9A8C518B9452D4C80280895E3E678E56A9BFD2709916C61401124DC4FB38A028BF9739BF85473CB5297A12B174974606E9017B9E5C8795F3618FFB2DC225E825DB3D253A446800D2A62BD91EF80C9A52A7FF749168E67E72177D0C5A9131F6CBC1869403CE1D71D5EE0C8A5210B5BDC087CCAD9995B82C496E4DB66A50804E1AE3FD8C83C21BA985E288976B97CCD82958CA702AEDFCF3BDAC003243A863032EFEBD351C2217B357FB3C17018B5A18E0D4E0538B03678F1E5142C0D3313200E9E78CB6D34CF882FBCFEEC129C0CE96C53ADF9C9A3409242DC1D22518C4FC477230274D55DAB56C89D217E0BEF9A02494968BDFCC79714B298C6417D9BE0387AEE17DD859328CAE4A0012F8E5D6800128F0857A912BD376EF889BFD286921C97B79DD936524D8EF516602720A8EBB4781007A5FE972C777A6CE80ECE1FCBE1460912850E25C25E45F003C840F4EF1D6B9B9653A412080583845947D6F478E429556B040E5D127FFC20E9DE4E6230A6CE44DB2C8DB4834CFC0AE31E935F554BBE0DE967AB391F4540504EF2E42699C040A94EAB7AF781A8D999F428F9347A3DFFCE8D8F1FF3F4542D5BBA2F1981C1B73F112E5EDA93FDF47D9D95027693E599910ABBB5C4E0F48296D38FC3ABC689E7FA4E9AE816517BD0E086EBE2A87261F6BD56E0FDD9CB69104E4ACD06BAF2893EB12665D58AF2021229FE55767798CE1CF127A75D138F5A5648311B166C13A7E310922D846C0A251171995ED26289CC7B7B798FEC972836B957073AA567E70DBB7C68F04EEB50AA19488872C666CAE9BFE63101A3EB7E556C3C1A00410C867EFAD524E975D158D3A52197ADE62DFD502C4B99B48FBBFBAACA6F224EDED597D01E4314771795A66B0CDA648167EDC2EE7F32C75A58D799756DAF157EDF4AEAF02
12992CA96FECCD36BCD0ED747A1ECDBE5A93D3BE12B8BD1276AD282076DE3088B9353A0E82EE6E29113BE2294E74599E535FD70B380F5033137B2439C330109D9A186189EDD628D91917ECB3589AA0F38FC0EFE58694304AD3B8CB69FB29671A16CA67B5D12893E817C61B68B8E99778A4597B50A63756C6AE24DB916DA8D71E159D755B1E357C260768B38B255F24719D9E137FD21888F9983D539C3C9A3FBF00D180ABDD1D77564E436B671F54DB9A0D1C5E593A16F4CBED7D3902D3CBA66833167D9D398024527BAB5517106A072D904B529E144F35FB546FC0AF9031C492DE3DF6A7C6F5CF63BEB7C34EC22626B0C623F5613ACDEAE04CEBB63CC5F9CE29F855268A45F67AF3091C65A60446FD79CE38F5A28795B35EAC84C169DA15AFC5BEDCDF3B47AE608C3774E915C025127DBB591829269AC1512034E9D25492B058FC6359ACBEE7FE3AA52691614F10EF87925B37DFFC5E2E2A5F8014BAC1A9A4FD0D86C4FB90838CEEBFF3D0A3F1E313E12F957EAA5E47EF23639CBF8BC6CCEE47F1F6E5B25036AE5072B527CFC8D315D9A9503029409FB38B65932D0A36F07399CB3DDE154D960D6D0C0C0FFB4BB34882AD6AED644E031B16CE3C5C5FFF7731FD6B2A75CD634D4CF9810DF9FC27227F6785358A1F0ADAD679C9A86E29CC95EEB172FB08FD4BC168C5D96092526B6647E246786F6FC23ABF3EB9CE9EDB2E785D1A91C000672B5A4BA61BC60CFEE37E64771D2E234D7539637F6046495A88B41EC01003AC461F3484399E5603762E36DCE2A93A201AD0470EC2AC554F1C54647
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex
HKU\S-1-5-21-1882700298-3463415617-1241153446-1000\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1882700298-3463415617-1241153446-1000\...\Run: [slimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x91D3CB18876ECC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
URLSearchHook: HKCU - (No Name) - {167d9323-f7cc-48f5-948a-6f012831a69f} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {167D9323-F7CC-48F5-948A-6F012831A69F} -  No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave.com/content/insaniquarium/sis/popcaploader_v10.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\MARKMO~1\AppData\Local\Temp\crx24FF.tmp [2011-11-09]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)

==================== Drivers (Whitelisted) ====================

S3 Gun; C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys [45176 2012-08-23] ()
S3 GunBod; C:\Game\SoftnyxGame\GunboundIS\avital\gunbod64.sys [86352 2014-04-15] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S1 cqtpeswt; \??\C:\Windows\system32\drivers\cqtpeswt.sys [X]
S1 lxnqqfmk; \??\C:\Windows\system32\drivers\lxnqqfmk.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-29 12:58 - 2014-05-29 12:58 - 00038595 _____ () C:\Users\Mark \Desktop\FRST.txt
2014-05-27 23:16 - 2014-05-29 12:58 - 00000000 ____D () C:\FRST
2014-05-27 23:14 - 2014-05-27 23:14 - 02066944 _____ (Farbar) C:\Users\Mark \Desktop\FRST64.exe
2014-05-27 20:39 - 2014-05-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-27 16:30 - 2013-07-06 00:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-27 16:30 - 2013-01-03 00:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-05-27 16:30 - 2012-08-22 12:12 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-27 16:19 - 2013-05-09 23:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-05-27 16:19 - 2013-05-09 21:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-27 16:18 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-27 16:18 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-27 16:18 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-27 16:18 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-27 16:18 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-27 16:18 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-27 16:18 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-27 16:18 - 2013-08-01 20:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-05-27 16:18 - 2013-08-01 20:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-05-27 16:18 - 2013-08-01 18:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 18:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 18:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 18:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-27 16:18 - 2013-07-20 04:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-27 16:18 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-27 16:18 - 2013-01-24 00:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-27 16:13 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-05-27 16:13 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-05-27 16:13 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-05-27 16:13 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-27 16:13 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-05-27 16:13 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-05-27 16:13 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-05-27 16:13 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-05-27 16:13 - 2013-08-27 03:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-05-27 16:13 - 2013-08-27 03:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-05-27 16:13 - 2013-08-27 02:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-27 16:13 - 2013-08-01 06:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-27 16:13 - 2013-05-12 23:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-05-27 16:13 - 2013-05-12 23:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-05-27 16:13 - 2013-05-12 23:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-05-27 16:13 - 2013-05-12 23:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-05-27 16:13 - 2013-05-12 22:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-27 16:13 - 2013-05-12 22:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-05-27 16:13 - 2013-05-12 22:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-05-27 16:13 - 2013-05-12 21:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-05-27 16:13 - 2013-05-12 21:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-05-27 16:13 - 2013-05-12 21:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-05-27 16:13 - 2013-04-10 00:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-27 16:13 - 2011-02-03 05:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-05-27 15:51 - 2013-05-09 23:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-05-27 15:51 - 2013-05-09 23:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-05-27 15:51 - 2013-05-09 22:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-05-27 15:51 - 2013-05-09 22:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-05-27 15:37 - 2014-05-27 15:37 - 00271840 _____ () C:\Windows\Minidump\052714-28236-01.dmp
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieUserList
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieSiteList
2014-05-27 14:19 - 2014-05-27 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-27 14:08 - 2014-05-27 14:08 - 00002916 _____ () C:\Users\Mark \Desktop\RKreport[0]_S_05272014_140830.txt
2014-05-27 14:01 - 2014-05-27 14:58 - 00000000 ____D () C:\Users\Mark \Desktop\RK_Quarantine
2014-05-27 12:57 - 2014-05-27 13:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-27 12:27 - 2014-05-27 20:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-27 00:13 - 2014-01-27 20:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-27 00:13 - 2013-10-29 20:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-05-27 00:13 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-05-27 00:13 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-05-27 00:13 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-05-27 00:13 - 2013-03-18 23:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-05-26 23:24 - 2014-05-29 12:57 - 00000000 ____D () C:\Users\Mark \AppData\Local\CrashDumps
2014-05-26 23:19 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-26 23:19 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-26 23:19 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-26 23:19 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-26 23:19 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-26 23:19 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-05-26 23:12 - 2014-03-07 22:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-26 23:12 - 2014-03-07 22:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-26 23:12 - 2014-03-07 21:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-26 23:12 - 2014-03-07 21:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-26 23:12 - 2014-03-07 21:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-26 23:12 - 2014-03-07 21:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-26 23:12 - 2014-03-07 21:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-26 23:12 - 2014-03-07 21:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-26 23:12 - 2014-03-07 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-26 23:12 - 2014-03-07 21:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-26 23:12 - 2014-03-07 21:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-26 23:12 - 2014-03-07 21:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-26 23:12 - 2014-03-07 21:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-26 23:12 - 2014-03-07 21:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-26 23:12 - 2014-03-07 21:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-26 23:12 - 2014-03-07 21:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-26 23:12 - 2014-03-07 17:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-26 23:12 - 2014-03-07 17:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-26 23:12 - 2014-03-07 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-26 23:12 - 2014-03-07 17:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-26 23:12 - 2014-03-07 17:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-26 23:12 - 2014-03-07 17:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-26 23:12 - 2014-03-07 17:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-26 23:12 - 2014-03-07 16:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-26 23:12 - 2014-03-07 16:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-26 23:12 - 2014-03-07 16:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-26 23:12 - 2014-03-07 16:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-26 23:12 - 2014-03-07 16:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-26 23:12 - 2014-03-07 16:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-26 23:12 - 2014-03-07 16:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-26 23:12 - 2014-03-07 16:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-26 23:12 - 2014-03-07 16:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-26 23:10 - 2014-05-26 23:11 - 00263264 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-05-26 22:16 - 2014-05-27 17:20 - 00000000 ____D () C:\Users\Mark \Desktop\mbar
2014-05-26 22:16 - 2014-05-26 23:28 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 22:12 - 2014-05-26 22:12 - 03972608 _____ () C:\Users\Mark \Desktop\RogueKiller.exe
2014-05-26 22:10 - 2014-05-26 22:10 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark \Desktop\mbar-1.07.0.1009.exe
2014-05-26 21:53 - 2014-05-26 21:53 - 01016261 _____ (Thisisu) C:\Users\Mark \Desktop\JRT.exe
2014-05-26 20:05 - 2014-05-27 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-26 19:41 - 2014-05-27 17:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-26 19:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-26 19:25 - 2014-05-26 19:25 - 01327971 _____ () C:\Users\Mark \Desktop\adwcleaner_3.211.exe
2014-05-12 13:41 - 2014-05-12 14:44 - 00000000 ____D () C:\Users\Mark \Desktop\JA
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Program Files\Realtek
2014-05-02 19:19 - 2014-05-02 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-02 19:19 - 2013-11-05 19:47 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-02 19:19 - 2013-11-05 15:48 - 00681905 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-02 19:19 - 2013-11-04 19:26 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-02 19:19 - 2013-11-04 11:11 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-02 19:19 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-02 19:19 - 2013-10-18 16:41 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-05-02 19:19 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-05-02 19:19 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-05-02 19:19 - 2013-10-09 20:12 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-05-02 19:19 - 2013-10-09 20:12 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-05-02 19:19 - 2013-10-09 20:12 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-05-02 19:19 - 2013-10-07 11:05 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-05-02 19:19 - 2013-10-02 17:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-02 19:19 - 2013-09-26 21:40 - 01993496 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2014-05-02 19:19 - 2013-09-26 21:40 - 01722648 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2014-05-02 19:19 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-02 19:19 - 2013-07-30 14:04 - 00397080 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-05-02 19:19 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-05-02 19:19 - 2013-01-11 16:27 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2014-05-02 19:19 - 2013-01-11 16:27 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2014-05-02 19:19 - 2012-06-08 16:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2014-05-02 19:19 - 2012-06-08 16:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2014-05-02 19:19 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-05-02 19:19 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-05-02 19:19 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-05-02 19:19 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-05-02 19:19 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-05-02 19:18 - 2013-09-13 18:44 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-04-29 13:58 - 2014-04-29 13:58 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-04-29 13:57 - 2014-04-29 13:57 - 00003350 _____ () C:\Windows\System32\Tasks\{FCFCEC91-E1CA-4561-89C0-FDE24A04735C}
2014-04-29 13:30 - 2014-04-30 18:45 - 00000000 ____D () C:\Users\Mark \AppData\Local\ArmA 2 OA
2014-04-29 13:12 - 2014-04-29 14:19 - 00000000 ____D () C:\Users\Mark \Documents\ArmA 2
2014-04-29 13:12 - 2014-04-29 13:30 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-04-29 13:12 - 2014-04-29 13:13 - 00000000 ____D () C:\Users\Mark \AppData\Local\ArmA 2
2014-04-29 13:12 - 2014-04-29 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-04-29 02:50 - 2014-04-29 02:50 - 00000000 ____D () C:\Users\Mark \Documents\TacticalIntervention

==================== One Month Modified Files and Folders =======

2014-05-29 12:58 - 2014-05-29 12:58 - 00038595 _____ () C:\Users\Mark \Desktop\FRST.txt
2014-05-29 12:58 - 2014-05-27 23:16 - 00000000 ____D () C:\FRST
2014-05-29 12:58 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-29 12:58 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 12:57 - 2014-05-26 23:24 - 00000000 ____D () C:\Users\Mark \AppData\Local\CrashDumps
2014-05-29 12:57 - 2011-09-08 18:17 - 01120306 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 12:56 - 2011-11-10 00:29 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\uTorrent
2014-05-29 12:50 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-29 12:50 - 2009-07-13 22:51 - 00128399 _____ () C:\Windows\setupact.log
2014-05-29 03:23 - 2012-03-31 13:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-29 02:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At54.job
2014-05-29 02:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At53.job
2014-05-29 02:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At6.job
2014-05-29 02:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At5.job
2014-05-28 17:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At84.job
2014-05-28 17:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At83.job
2014-05-28 17:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At36.job
2014-05-28 17:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At35.job
2014-05-28 16:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At82.job
2014-05-28 16:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At81.job
2014-05-28 16:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At34.job
2014-05-28 16:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At33.job
2014-05-28 14:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At78.job
2014-05-28 14:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At77.job
2014-05-28 14:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At30.job
2014-05-28 14:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At29.job
2014-05-28 14:29 - 2009-07-14 01:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-28 13:18 - 2011-09-08 19:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-28 12:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At74.job
2014-05-28 12:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At73.job
2014-05-28 12:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At26.job
2014-05-28 12:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At25.job
2014-05-28 00:12 - 2011-09-27 10:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-27 23:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At96.job
2014-05-27 23:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At95.job
2014-05-27 23:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At48.job
2014-05-27 23:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At47.job
2014-05-27 23:14 - 2014-05-27 23:14 - 02066944 _____ (Farbar) C:\Users\Mark \Desktop\FRST64.exe
2014-05-27 23:06 - 2009-07-13 23:13 - 00726270 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 22:52 - 2013-12-16 18:05 - 00000000 ____D () C:\Users\Mark \AppData\Local\PMB Files
2014-05-27 22:52 - 2013-12-16 18:05 - 00000000 ____D () C:\ProgramData\PMB Files
2014-05-27 22:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At94.job
2014-05-27 22:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At93.job
2014-05-27 22:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At46.job
2014-05-27 22:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At45.job
2014-05-27 22:37 - 2013-11-09 17:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-05-27 22:35 - 2011-09-10 02:19 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Skype
2014-05-27 20:39 - 2014-05-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-27 20:39 - 2014-05-27 12:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-27 20:39 - 2011-10-01 12:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-27 17:21 - 2009-07-14 01:45 - 00000000 ____D () C:\Windows\ShellNew
2014-05-27 17:21 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-27 17:21 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-27 17:21 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-27 17:21 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-27 17:21 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-27 17:20 - 2014-05-26 22:16 - 00000000 ____D () C:\Users\Mark \Desktop\mbar
2014-05-27 17:20 - 2014-05-26 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-27 17:20 - 2013-12-16 21:59 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-05-27 17:20 - 2013-12-16 21:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-05-27 17:20 - 2013-08-25 20:39 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\FLEXnet
2014-05-27 17:20 - 2012-05-11 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-27 17:20 - 2011-11-28 21:27 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Ventrilo
2014-05-27 17:20 - 2011-09-10 02:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-27 17:20 - 2011-09-08 18:18 - 00000000 ___RD () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 17:20 - 2011-09-08 18:18 - 00000000 ___RD () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\servicing
2014-05-27 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-27 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-27 17:19 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2014-05-27 17:12 - 2014-05-26 19:41 - 00000000 ____D () C:\Windows\ERUNT
2014-05-27 17:10 - 2011-09-10 02:19 - 00000000 ____D () C:\ProgramData\Skype
2014-05-27 16:09 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-27 15:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At80.job
2014-05-27 15:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At79.job
2014-05-27 15:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At32.job
2014-05-27 15:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At31.job
2014-05-27 15:38 - 2011-09-08 18:28 - 00087360 _____ () C:\Users\Mark \AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 15:37 - 2014-05-27 15:37 - 00271840 _____ () C:\Windows\Minidump\052714-28236-01.dmp
2014-05-27 15:37 - 2011-11-10 03:32 - 241784196 _____ () C:\Windows\MEMORY.DMP
2014-05-27 15:37 - 2011-11-10 03:32 - 00000000 ____D () C:\Windows\Minidump
2014-05-27 15:37 - 2011-09-08 18:17 - 00000000 ____D () C:\Users\Mark
2014-05-27 14:58 - 2014-05-27 14:01 - 00000000 ____D () C:\Users\Mark \Desktop\RK_Quarantine
2014-05-27 14:57 - 2014-05-27 14:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieUserList
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieSiteList
2014-05-27 14:12 - 2013-10-02 21:18 - 00000000 ____D () C:\AdwCleaner
2014-05-27 14:08 - 2014-05-27 14:08 - 00002916 _____ () C:\Users\Mark \Desktop\RKreport[0]_S_05272014_140830.txt
2014-05-27 13:03 - 2014-05-27 12:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-26 23:28 - 2014-05-26 22:16 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 23:11 - 2014-05-26 23:10 - 00263264 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-05-26 22:12 - 2014-05-26 22:12 - 03972608 _____ () C:\Users\Mark \Desktop\RogueKiller.exe
2014-05-26 22:10 - 2014-05-26 22:10 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark \Desktop\mbar-1.07.0.1009.exe
2014-05-26 21:53 - 2014-05-26 21:53 - 01016261 _____ (Thisisu) C:\Users\Mark \Desktop\JRT.exe
2014-05-26 21:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At92.job
2014-05-26 21:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At91.job
2014-05-26 21:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At44.job
2014-05-26 21:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At43.job
2014-05-26 21:10 - 2011-09-08 19:26 - 00090580 _____ () C:\Windows\PFRO.log
2014-05-26 20:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At90.job
2014-05-26 20:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At89.job
2014-05-26 20:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At42.job
2014-05-26 20:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At41.job
2014-05-26 19:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At88.job
2014-05-26 19:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At87.job
2014-05-26 19:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At40.job
2014-05-26 19:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At39.job
2014-05-26 19:25 - 2014-05-26 19:25 - 01327971 _____ () C:\Users\Mark \Desktop\adwcleaner_3.211.exe
2014-05-26 18:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At86.job
2014-05-26 18:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At85.job
2014-05-26 18:47 - 2013-06-27 03:18 - 00000340 _____ () C:\Windows\Tasks\At38.job
2014-05-26 18:47 - 2013-06-27 03:18 - 00000338 _____ () C:\Windows\Tasks\At37.job
2014-05-22 13:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At76.job
2014-05-22 13:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At75.job
2014-05-22 13:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At28.job
2014-05-22 13:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At27.job
2014-05-22 01:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At52.job
2014-05-22 01:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At51.job
2014-05-22 01:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At4.job
2014-05-22 01:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At3.job
2014-05-22 00:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At50.job
2014-05-22 00:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At49.job
2014-05-22 00:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At2.job
2014-05-22 00:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At1.job
2014-05-21 12:16 - 2013-12-16 21:16 - 00000448 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Mark ).job
2014-05-21 11:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At72.job
2014-05-21 11:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At71.job
2014-05-21 11:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At24.job
2014-05-21 11:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At23.job
2014-05-14 03:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At56.job
2014-05-14 03:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At55.job
2014-05-14 03:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At8.job
2014-05-14 03:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At7.job
2014-05-13 13:23 - 2012-03-31 13:45 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 13:23 - 2012-03-31 13:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 13:23 - 2011-09-08 18:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 14:44 - 2014-05-12 13:41 - 00000000 ____D () C:\Users\Mark \Desktop\JA
2014-05-12 02:52 - 2011-11-05 18:04 - 00209660 _____ () C:\Windows\DirectX.log
2014-05-10 10:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At70.job
2014-05-10 10:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At69.job
2014-05-10 10:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At22.job
2014-05-10 10:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At21.job
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Program Files\Realtek
2014-05-02 19:19 - 2014-05-02 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-02 19:19 - 2012-01-17 18:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-01 04:47 - 2013-06-27 03:24 - 00000340 _____ () C:\Windows\Tasks\At58.job
2014-05-01 04:47 - 2013-06-27 03:24 - 00000338 _____ () C:\Windows\Tasks\At57.job
2014-05-01 04:47 - 2013-06-27 03:17 - 00000340 _____ () C:\Windows\Tasks\At10.job
2014-05-01 04:47 - 2013-06-27 03:17 - 00000338 _____ () C:\Windows\Tasks\At9.job
2014-04-30 18:45 - 2014-04-29 13:30 - 00000000 ____D () C:\Users\Mark \AppData\Local\ArmA 2 OA
2014-04-29 14:19 - 2014-04-29 13:12 - 00000000 ____D () C:\Users\Mark \Documents\ArmA 2
2014-04-29 13:58 - 2014-04-29 13:58 - 00000000 ____D () C:\ProgramData\Bohemia Interactive Studio
2014-04-29 13:57 - 2014-04-29 13:57 - 00003350 _____ () C:\Windows\System32\Tasks\{FCFCEC91-E1CA-4561-89C0-FDE24A04735C}
2014-04-29 13:30 - 2014-04-29 13:12 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-04-29 13:13 - 2014-04-29 13:12 - 00000000 ____D () C:\Users\Mark \AppData\Local\ArmA 2
2014-04-29 13:12 - 2014-04-29 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-04-29 02:50 - 2014-04-29 02:50 - 00000000 ____D () C:\Users\Mark \Documents\TacticalIntervention

Files to move or delete:
====================
C:\ProgramData\24vFdkY3.dat
C:\ProgramData\xjfbnodlc.odd
C:\Users\Mark \jagex_cl_oldschool_LIVE.dat
C:\Users\Mark \jagex_cl_runescape_LIVE.dat
C:\Users\Mark \jagex_cl_runescape_LIVE1.dat
C:\Users\Mark \random.dat
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At10.job
C:\Windows\Tasks\At11.job
C:\Windows\Tasks\At12.job
C:\Windows\Tasks\At13.job
C:\Windows\Tasks\At14.job
C:\Windows\Tasks\At15.job
C:\Windows\Tasks\At16.job
C:\Windows\Tasks\At17.job
C:\Windows\Tasks\At18.job
C:\Windows\Tasks\At19.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At20.job
C:\Windows\Tasks\At21.job
C:\Windows\Tasks\At22.job
C:\Windows\Tasks\At23.job
C:\Windows\Tasks\At24.job
C:\Windows\Tasks\At25.job
C:\Windows\Tasks\At26.job
C:\Windows\Tasks\At27.job
C:\Windows\Tasks\At28.job
C:\Windows\Tasks\At29.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At30.job
C:\Windows\Tasks\At31.job
C:\Windows\Tasks\At32.job
C:\Windows\Tasks\At33.job
C:\Windows\Tasks\At34.job
C:\Windows\Tasks\At35.job
C:\Windows\Tasks\At36.job
C:\Windows\Tasks\At37.job
C:\Windows\Tasks\At38.job
C:\Windows\Tasks\At39.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At40.job
C:\Windows\Tasks\At41.job
C:\Windows\Tasks\At42.job
C:\Windows\Tasks\At43.job
C:\Windows\Tasks\At44.job
C:\Windows\Tasks\At45.job
C:\Windows\Tasks\At46.job
C:\Windows\Tasks\At47.job
C:\Windows\Tasks\At48.job
C:\Windows\Tasks\At49.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At50.job
C:\Windows\Tasks\At51.job
C:\Windows\Tasks\At52.job
C:\Windows\Tasks\At53.job
C:\Windows\Tasks\At54.job
C:\Windows\Tasks\At55.job
C:\Windows\Tasks\At56.job
C:\Windows\Tasks\At57.job
C:\Windows\Tasks\At58.job
C:\Windows\Tasks\At59.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At60.job
C:\Windows\Tasks\At61.job
C:\Windows\Tasks\At62.job
C:\Windows\Tasks\At63.job
C:\Windows\Tasks\At64.job
C:\Windows\Tasks\At65.job
C:\Windows\Tasks\At66.job
C:\Windows\Tasks\At67.job
C:\Windows\Tasks\At68.job
C:\Windows\Tasks\At69.job
C:\Windows\Tasks\At7.job
C:\Windows\Tasks\At70.job
C:\Windows\Tasks\At71.job
C:\Windows\Tasks\At72.job
C:\Windows\Tasks\At73.job
C:\Windows\Tasks\At74.job
C:\Windows\Tasks\At75.job
C:\Windows\Tasks\At76.job
C:\Windows\Tasks\At77.job
C:\Windows\Tasks\At78.job
C:\Windows\Tasks\At79.job
C:\Windows\Tasks\At8.job
C:\Windows\Tasks\At80.job
C:\Windows\Tasks\At81.job
C:\Windows\Tasks\At82.job
C:\Windows\Tasks\At83.job
C:\Windows\Tasks\At84.job
C:\Windows\Tasks\At85.job
C:\Windows\Tasks\At86.job
C:\Windows\Tasks\At87.job
C:\Windows\Tasks\At88.job
C:\Windows\Tasks\At89.job
C:\Windows\Tasks\At9.job
C:\Windows\Tasks\At90.job
C:\Windows\Tasks\At91.job
C:\Windows\Tasks\At92.job
C:\Windows\Tasks\At93.job
C:\Windows\Tasks\At94.job
C:\Windows\Tasks\At95.job
C:\Windows\Tasks\At96.job

Some content of TEMP:
====================
C:\Users\Mark \AppData\Local\Temp\0905.dll
C:\Users\Mark \AppData\Local\Temp\11-9_vista64_win7_64_dd_ccc_ocl.exe
C:\Users\Mark \AppData\Local\Temp\2jfuweif.exe
C:\Users\Mark \AppData\Local\Temp\fad3134439b1327d0721db6f5e25b3ca.dll
C:\Users\Mark \AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Mark \AppData\Local\Temp\installerdll21427220.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21631254.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21777833.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21778971.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21785040.dll
C:\Users\Mark \AppData\Local\Temp\installerdll22187008.dll
C:\Users\Mark \AppData\Local\Temp\installerdll30077881.dll
C:\Users\Mark \AppData\Local\Temp\installerdll30078833.dll
C:\Users\Mark \AppData\Local\Temp\installerdll30085026.dll
C:\Users\Mark \AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Mark \AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Mark \AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Mark \AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Mark \AppData\Local\Temp\ntdll_dump.dll
C:\Users\Mark \AppData\Local\Temp\OriginLauncher21777833.exe
C:\Users\Mark \AppData\Local\Temp\OriginLauncher30077881.exe
C:\Users\Mark \AppData\Local\Temp\rootsupd.exe
C:\Users\Mark \AppData\Local\Temp\Setup.exe
C:\Users\Mark \AppData\Local\Temp\sonarinst.exe
C:\Users\Mark \AppData\Local\Temp\SRLDetectionLibrary8476160233330623433.dll
C:\Users\Mark \AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Mark \AppData\Local\Temp\tbBitT.dll
C:\Users\Mark \AppData\Local\Temp\tbuTo0.dll
C:\Users\Mark \AppData\Local\Temp\tbuTor.dll
C:\Users\Mark \AppData\Local\Temp\tbWhit.dll
C:\Users\Mark \AppData\Local\Temp\tmp1479.exe
C:\Users\Mark \AppData\Local\Temp\tmp1534.exe
C:\Users\Mark \AppData\Local\Temp\tmp3DDA.exe
C:\Users\Mark \AppData\Local\Temp\tmp44BC.exe
C:\Users\Mark \AppData\Local\Temp\tmp5B58.exe
C:\Users\Mark \AppData\Local\Temp\tmp785A.exe
C:\Users\Mark \AppData\Local\Temp\tmpB6C0.exe
C:\Users\Mark \AppData\Local\Temp\tmpC09F.exe
C:\Users\Mark \AppData\Local\Temp\tmpD98D.exe
C:\Users\Mark \AppData\Local\Temp\tmpF6A.exe
C:\Users\Mark \AppData\Local\Temp\tmpFF54.exe
C:\Users\Mark \AppData\Local\Temp\utildel.exe
C:\Users\Mark \AppData\Local\Temp\vcredist_x64.exe
C:\Users\Mark \AppData\Local\Temp\vcredist_x86.exe
C:\Users\Mark \AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Mark \AppData\Local\Temp\_is5BED.exe
C:\Users\Mark \AppData\Local\Temp\_isD503.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2014-05-19 17:07

==================== End Of Log ============================


Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

fixlist.txt


Thanks for the help.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Mark  at 2014-05-30 16:54:13 Run:1
Running from C:\Users\Mark \Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
URLSearchHook: HKCU - (No Name) - {167d9323-f7cc-48f5-948a-6f012831a69f} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
Toolbar: HKCU - No Name - {167D9323-F7CC-48F5-948A-6F012831A69F} -  No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Hosts: Hosts file not detected in the default directory
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
C:\ProgramData\24vFdkY3.dat
C:\ProgramData\xjfbnodlc.odd
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At10.job
C:\Windows\Tasks\At11.job
C:\Windows\Tasks\At12.job
C:\Windows\Tasks\At13.job
C:\Windows\Tasks\At14.job
C:\Windows\Tasks\At15.job
C:\Windows\Tasks\At16.job
C:\Windows\Tasks\At17.job
C:\Windows\Tasks\At18.job
C:\Windows\Tasks\At19.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At20.job
C:\Windows\Tasks\At21.job
C:\Windows\Tasks\At22.job
C:\Windows\Tasks\At23.job
C:\Windows\Tasks\At24.job
C:\Windows\Tasks\At25.job
C:\Windows\Tasks\At26.job
C:\Windows\Tasks\At27.job
C:\Windows\Tasks\At28.job
C:\Windows\Tasks\At29.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At30.job
C:\Windows\Tasks\At31.job
C:\Windows\Tasks\At32.job
C:\Windows\Tasks\At33.job
C:\Windows\Tasks\At34.job
C:\Windows\Tasks\At35.job
C:\Windows\Tasks\At36.job
C:\Windows\Tasks\At37.job
C:\Windows\Tasks\At38.job
C:\Windows\Tasks\At39.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At40.job
C:\Windows\Tasks\At41.job
C:\Windows\Tasks\At42.job
C:\Windows\Tasks\At43.job
C:\Windows\Tasks\At44.job
C:\Windows\Tasks\At45.job
C:\Windows\Tasks\At46.job
C:\Windows\Tasks\At47.job
C:\Windows\Tasks\At48.job
C:\Windows\Tasks\At49.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At50.job
C:\Windows\Tasks\At51.job
C:\Windows\Tasks\At52.job
C:\Windows\Tasks\At53.job
C:\Windows\Tasks\At54.job
C:\Windows\Tasks\At55.job
C:\Windows\Tasks\At56.job
C:\Windows\Tasks\At57.job
C:\Windows\Tasks\At58.job
C:\Windows\Tasks\At59.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At60.job
C:\Windows\Tasks\At61.job
C:\Windows\Tasks\At62.job
C:\Windows\Tasks\At63.job
C:\Windows\Tasks\At64.job
C:\Windows\Tasks\At65.job
C:\Windows\Tasks\At66.job
C:\Windows\Tasks\At67.job
C:\Windows\Tasks\At68.job
C:\Windows\Tasks\At69.job
C:\Windows\Tasks\At7.job
C:\Windows\Tasks\At70.job
C:\Windows\Tasks\At71.job
C:\Windows\Tasks\At72.job
C:\Windows\Tasks\At73.job
C:\Windows\Tasks\At74.job
C:\Windows\Tasks\At75.job
C:\Windows\Tasks\At76.job
C:\Windows\Tasks\At77.job
C:\Windows\Tasks\At78.job
C:\Windows\Tasks\At79.job
C:\Windows\Tasks\At8.job
C:\Windows\Tasks\At80.job
C:\Windows\Tasks\At81.job
C:\Windows\Tasks\At82.job
C:\Windows\Tasks\At83.job
C:\Windows\Tasks\At84.job
C:\Windows\Tasks\At85.job
C:\Windows\Tasks\At86.job
C:\Windows\Tasks\At87.job
C:\Windows\Tasks\At88.job
C:\Windows\Tasks\At89.job
C:\Windows\Tasks\At9.job
C:\Windows\Tasks\At90.job
C:\Windows\Tasks\At91.job
C:\Windows\Tasks\At92.job
C:\Windows\Tasks\At93.job
C:\Windows\Tasks\At94.job
C:\Windows\Tasks\At95.job
C:\Windows\Tasks\At96.job
C:\Users\Mark \AppData\Local\Temp\2jfuweif.exe
testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!
End

*****************

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{167d9323-f7cc-48f5-948a-6f012831a69f} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{167D9323-F7CC-48F5-948A-6F012831A69F} => Value deleted successfully.
HKCR\CLSID\{167D9323-F7CC-48F5-948A-6F012831A69F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Value deleted successfully.
HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Key not found.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
Hosts was reset successfully.
C:\ProgramData\24vFdkY3.dat => Moved successfully.
C:\ProgramData\xjfbnodlc.odd => Moved successfully.
C:\Windows\Tasks\At1.job => Moved successfully.
C:\Windows\Tasks\At10.job => Moved successfully.
C:\Windows\Tasks\At11.job => Moved successfully.
C:\Windows\Tasks\At12.job => Moved successfully.
C:\Windows\Tasks\At13.job => Moved successfully.
C:\Windows\Tasks\At14.job => Moved successfully.
C:\Windows\Tasks\At15.job => Moved successfully.
C:\Windows\Tasks\At16.job => Moved successfully.
C:\Windows\Tasks\At17.job => Moved successfully.
C:\Windows\Tasks\At18.job => Moved successfully.
C:\Windows\Tasks\At19.job => Moved successfully.
C:\Windows\Tasks\At2.job => Moved successfully.
C:\Windows\Tasks\At20.job => Moved successfully.
C:\Windows\Tasks\At21.job => Moved successfully.
C:\Windows\Tasks\At22.job => Moved successfully.
C:\Windows\Tasks\At23.job => Moved successfully.
C:\Windows\Tasks\At24.job => Moved successfully.
C:\Windows\Tasks\At25.job => Moved successfully.
C:\Windows\Tasks\At26.job => Moved successfully.
C:\Windows\Tasks\At27.job => Moved successfully.
C:\Windows\Tasks\At28.job => Moved successfully.
C:\Windows\Tasks\At29.job => Moved successfully.
C:\Windows\Tasks\At3.job => Moved successfully.
C:\Windows\Tasks\At30.job => Moved successfully.
C:\Windows\Tasks\At31.job => Moved successfully.
C:\Windows\Tasks\At32.job => Moved successfully.
C:\Windows\Tasks\At33.job => Moved successfully.
C:\Windows\Tasks\At34.job => Moved successfully.
C:\Windows\Tasks\At35.job => Moved successfully.
C:\Windows\Tasks\At36.job => Moved successfully.
C:\Windows\Tasks\At37.job => Moved successfully.
C:\Windows\Tasks\At38.job => Moved successfully.
C:\Windows\Tasks\At39.job => Moved successfully.
C:\Windows\Tasks\At4.job => Moved successfully.
C:\Windows\Tasks\At40.job => Moved successfully.
C:\Windows\Tasks\At41.job => Moved successfully.
C:\Windows\Tasks\At42.job => Moved successfully.
C:\Windows\Tasks\At43.job => Moved successfully.
C:\Windows\Tasks\At44.job => Moved successfully.
C:\Windows\Tasks\At45.job => Moved successfully.
C:\Windows\Tasks\At46.job => Moved successfully.
C:\Windows\Tasks\At47.job => Moved successfully.
C:\Windows\Tasks\At48.job => Moved successfully.
C:\Windows\Tasks\At49.job => Moved successfully.
C:\Windows\Tasks\At5.job => Moved successfully.
C:\Windows\Tasks\At50.job => Moved successfully.
C:\Windows\Tasks\At51.job => Moved successfully.
C:\Windows\Tasks\At52.job => Moved successfully.
C:\Windows\Tasks\At53.job => Moved successfully.
C:\Windows\Tasks\At54.job => Moved successfully.
C:\Windows\Tasks\At55.job => Moved successfully.
C:\Windows\Tasks\At56.job => Moved successfully.
C:\Windows\Tasks\At57.job => Moved successfully.
C:\Windows\Tasks\At58.job => Moved successfully.
C:\Windows\Tasks\At59.job => Moved successfully.
C:\Windows\Tasks\At6.job => Moved successfully.
C:\Windows\Tasks\At60.job => Moved successfully.
C:\Windows\Tasks\At61.job => Moved successfully.
C:\Windows\Tasks\At62.job => Moved successfully.
C:\Windows\Tasks\At63.job => Moved successfully.
C:\Windows\Tasks\At64.job => Moved successfully.
C:\Windows\Tasks\At65.job => Moved successfully.
C:\Windows\Tasks\At66.job => Moved successfully.
C:\Windows\Tasks\At67.job => Moved successfully.
C:\Windows\Tasks\At68.job => Moved successfully.
C:\Windows\Tasks\At69.job => Moved successfully.
C:\Windows\Tasks\At7.job => Moved successfully.
C:\Windows\Tasks\At70.job => Moved successfully.
C:\Windows\Tasks\At71.job => Moved successfully.
C:\Windows\Tasks\At72.job => Moved successfully.
C:\Windows\Tasks\At73.job => Moved successfully.
C:\Windows\Tasks\At74.job => Moved successfully.
C:\Windows\Tasks\At75.job => Moved successfully.
C:\Windows\Tasks\At76.job => Moved successfully.
C:\Windows\Tasks\At77.job => Moved successfully.
C:\Windows\Tasks\At78.job => Moved successfully.
C:\Windows\Tasks\At79.job => Moved successfully.
C:\Windows\Tasks\At8.job => Moved successfully.
C:\Windows\Tasks\At80.job => Moved successfully.
C:\Windows\Tasks\At81.job => Moved successfully.
C:\Windows\Tasks\At82.job => Moved successfully.
C:\Windows\Tasks\At83.job => Moved successfully.
C:\Windows\Tasks\At84.job => Moved successfully.
C:\Windows\Tasks\At85.job => Moved successfully.
C:\Windows\Tasks\At86.job => Moved successfully.
C:\Windows\Tasks\At87.job => Moved successfully.
C:\Windows\Tasks\At88.job => Moved successfully.
C:\Windows\Tasks\At89.job => Moved successfully.
C:\Windows\Tasks\At9.job => Moved successfully.
C:\Windows\Tasks\At90.job => Moved successfully.
C:\Windows\Tasks\At91.job => Moved successfully.
C:\Windows\Tasks\At92.job => Moved successfully.
C:\Windows\Tasks\At93.job => Moved successfully.
C:\Windows\Tasks\At94.job => Moved successfully.
C:\Windows\Tasks\At95.job => Moved successfully.
C:\Windows\Tasks\At96.job => Moved successfully.
"C:\Users\Mark \AppData\Local\Temp\2jfuweif.exe" => File/Directory not found.

The operation completed successfully.

==== End of Fixlog ====


It says the post is too long, so I'm going to split it into 2 posts. New FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01
Ran by Mark  (administrator) on MARK on 01-06-2014 14:04:19
Running from C:\Users\Mark \Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [3400438930]
HKLM\...\Policies\Explorer: [60270822]
HKLM\...\Policies\Explorer: [3212083974]
B204878BFF75879E1E373D9A1389653CA80710684806B09253A0D4D5B775F0DACFFBBE3501ACBE66348D1DBBC44493A8225814405A6A975528872E388A41CD26033092ABAC483BC426E1D6EE5AE048D459175E24A3F37E48C4B98934931E56332D4162971A009138DF2B13C8DF438D098533A8541CEB5AC545865FFC327DF082285A48BCDFD47777527177F2CF227C5E5328545C35DDA7FE20D99393B2133FF3476F3C059A7B27B25C08671FC0E8DB5D16C763CFE27A897ADA2D43FC5127BA628A09B17C595806BF0FEB05D408BA774D7CE025D55E486BE78F0D68AE076B7DA45BF02F8BE41BD21549A07357507F5185A5499814286AE060D7D64A6179A73557716A0EF2546B369C044018186F4055007469615E1EEFEA03529840E9D6745E82DAE8DC4708A7D7BB9D4DE579504D8D3BCF784797656AAB7ED9AB52C89871EA365A8706ACAFA093E272DC8A9032D47FF15E899437EF267DB2E0456CE974CC4151A879296D3F700D94637BB753C13D0D1BC9C0A3570B1E706C1EE63B92510FB39A4C10E749CB4045F612DB50EA8A1FE08C158D5415A0EC5B8B73E9CA98221CD481B313BEDB1BDB85295AA8B34A895BEB3B63F013C31BC4F191BCB7E773CE4C653EC84D54B6B9FF985848345B97D37E837E96D944A9890DB257D339F51A09674CF038D9E1E93FC06CDB7FB4B2DA0E93D6D9C6D2878B6387F06353ED017D9095BC652FDC965A00202B6ED28111D8EC1A057C4DEBC51C68FBB65AF9762DC78BFDFC22C53C5670AD97AB2858C49BE700CB82BB3E4F25CA268E6E95FB7AABD740BA536F5BB18470F512412CAA2D59466CD31F6002E9BE9A7BAF140E9906CA7DADD42110F40C4FD9760256B2198912AA6ECA53292181CDDC40FAE78436B7535711FBE0B3E560D90C85D7E1AF1C3685FF3404CB4992CDE7DA2251DB44189271FB2493F978A0B824FC2A46807F3FF7A0741EE2F93507ED9669D3CC0EC5D199E8321C27EEC7B24379432E0FA77E23AF5046AD115C859441E4FF10F7E84C62B22BDF3DC979B89F202F1AD959D74DC4FF55A9653CB16213E7F625811C83CAF773E6EC52BA4241B240600E4F091ED19BD2120BA5FC2D95A5A3AD6202C8D3CDEB9752F6DD0EB626D682BE34F5C86E163FF471EB75EA06500C0FD1C3CF4F5048B33E4D6CA694F810E2FAF1B35FD3D4B0ACA1CE1DB3E0C3A3C994B4914257359FCB3D974066E06DD14596B6FE10B2AD9455629D910B99E2BE083B23EB3EB31E7C7804B7425F19E4FD823A00FE001E02B5DD9987490E2BA86093D8AB59689B4597535EB56E09CF28D6973C7DCCB770378086817DDA3862D072AE483F6484CB719AE61FDBDEEA2ED3F366E73E85571EA082155E5D890991915ADF868F4683F7A699AEC4E02C6ADEAA2B9ACD55EE834914E3
67971AF291F584C8887DAB7FCAD218C0F367615C49357E84708E4D3EB829D7B8397B9FC7E34C5FC6DDBD593468445B85CD8CC998E59C6333E32BB343F32CF81F7D155A6A39470AD59886909BE51B12A322EC281A0F1E973028B65F69A7D4EB51EC5C27641C2447CEEC275A5AB85EE49C0F37E5F6A31CAEE8379DE6E41995A994DC0F2D4A2FAB6D9AA9E600B3DA82766E7406D3AD858626FD0E58A56772169D20E01E12A7B08860325FA7FCB41CE239F5FFED34956B3F5FE88E7D103C013ABE65D4BAA13BDC35F0CE321213600865C0D865BCE53004382B9EF8A5EBE5B10748AAD9EE942E49FE34D3618D27F0CE2D4EA2DC81E53B311DAA6DD69C667E87F9C93A3F44584E7CD80984F218EFF3AF792209A4BE4C33EC5982F5BBBC9C12B0F3D74BDB176879B50A456790C9A5C9B34D97AEECC2117A0BAC9E1B1D1171465D4692723BFC2ABF615908F654A9645FF41235CE391CD2C62D49CBA4B2CA9A8C518B9452D4C80280895E3E678E56A9BFD2709916C61401124DC4FB38A028BF9739BF85473CB5297A12B174974606E9017B9E5C8795F3618FFB2DC225E825DB3D253A446800D2A62BD91EF80C9A52A7FF749168E67E72177D0C5A9131F6CBC1869403CE1D71D5EE0C8A5210B5BDC087CCAD9995B82C496E4DB66A50804E1AE3FD8C83C21BA985E288976B97CCD82958CA702AEDFCF3BDAC003243A863032EFEBD351C2217B357FB3C17018B5A18E0D4E0538B03678F1E5142C0D3313200E9E78CB6D34CF882FBCFEEC129C0CE96C53ADF9C9A3409242DC1D22518C4FC477230274D55DAB56C89D217E0BEF9A02494968BDFCC79714B298C6417D9BE0387AEE17DD859328CAE4A0012F8E5D6800128F0857A912BD376EF889BFD286921C97B79DD936524D8EF516602720A8EBB4781007A5FE972C777A6CE80ECE1FCBE1460912850E25C25E45F003C840F4EF1D6B9B9653A412080583845947D6F478E429556B040E5D127FFC20E9DE4E6230A6CE44DB2C8DB4834CFC0AE31E935F554BBE0DE967AB391F4540504EF2E42699C040A94EAB7AF781A8D999F428F9347A3DFFCE8D8F1FF3F4542D5BBA2F1981C1B73F112E5EDA93FDF47D9D95027693E599910ABBB5C4E0F48296D38FC3ABC689E7FA4E9AE816517BD0E086EBE2A87261F6BD56E0FDD9CB69104E4ACD06BAF2893EB12665D58AF2021229FE55767798CE1CF127A75D138F5A5648311B166C13A7E310922D846C0A251171995ED26289CC7B7B798FEC972836B957073AA567E70DBB7C68F04EEB50AA19488872C666CAE9BFE63101A3EB7E556C3C1A00410C867EFAD524E975D158D3A52197ADE62DFD502C4B99B48FBBFBAACA6F224EDED597D01E4314771795A66B0CDA648167EDC2EE7F32C75A58D799756DAF157EDF4AEAF02
12992CA96FECCD36BCD0ED747A1ECDBE5A93D3BE12B8BD1276AD282076DE3088B9353A0E82EE6E29113BE2294E74599E535FD70B380F5033137B2439C330109D9A186189EDD628D91917ECB3589AA0F38FC0EFE58694304AD3B8CB69FB29671A16CA67B5D12893E817C61B68B8E99778A4597B50A63756C6AE24DB916DA8D71E159D755B1E357C260768B38B255F24719D9E137FD21888F9983D539C3C9A3FBF00D180ABDD1D77564E436B671F54DB9A0D1C5E593A16F4CBED7D3902D3CBA66833167D9D398024527BAB5517106A072D904B529E144F35FB546FC0AF9031C492DE3DF6A7C6F5CF63BEB7C34EC22626B0C623F5613ACDEAE04CEBB63CC5F9CE29F855268A45F67AF3091C65A60446FD79CE38F5A28795B35EAC84C169DA15AFC5BEDCDF3B47AE608C3774E915C025127DBB591829269AC1512034E9D25492B058FC6359ACBEE7FE3AA52691614F10EF87925B37DFFC5E2E2A5F8014BAC1A9A4FD0D86C4FB90838CEEBFF3D0A3F1E313E12F957EAA5E47EF23639CBF8BC6CCEE47F1F6E5B25036AE5072B527CFC8D315D9A9503029409FB38B65932D0A36F07399CB3DDE154D960D6D0C0C0FFB4BB34882AD6AED644E031B16CE3C5C5FFF7731FD6B2A75CD634D4CF9810DF9FC27227F6785358A1F0ADAD679C9A86E29CC95EEB172FB08FD4BC168C5D96092526B6647E246786F6FC23ABF3EB9CE9EDB2E785D1A91C000672B5A4BA61BC60CFEE37E64771D2E234D7539637F6046495A88B41EC01003AC461F3484399E5603762E36DCE2A93A201AD0470EC2AC554F1C54647
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex
HKU\S-1-5-21-1882700298-3463415617-1241153446-1000\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1882700298-3463415617-1241153446-1000\...\Run: [slimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x91D3CB18876ECC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave.com/content/insaniquarium/sis/popcaploader_v10.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\MARKMO~1\AppData\Local\Temp\crx24FF.tmp [2011-11-09]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)

==================== Drivers (Whitelisted) ====================

S3 Gun; C:\Game\SoftnyxGame\GunBoundIS\Gun64.sys [45176 2012-08-23] ()
S3 GunBod; C:\Game\SoftnyxGame\GunboundIS\avital\gunbod64.sys [86352 2014-04-15] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S1 cqtpeswt; \??\C:\Windows\system32\drivers\cqtpeswt.sys [X]
S1 lxnqqfmk; \??\C:\Windows\system32\drivers\lxnqqfmk.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-01 14:04 - 2014-06-01 14:04 - 00038116 _____ () C:\Users\Mark \Desktop\FRST.txt
2014-06-01 14:04 - 2014-06-01 14:04 - 00000000 ____D () C:\Users\Mark \Desktop\FRST-OlderVersion
2014-06-01 01:50 - 2014-06-01 01:50 - 00003264 ____N () C:\bootsqm.dat
2014-05-31 15:10 - 2014-05-31 15:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-31 15:10 - 2014-05-31 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-30 13:15 - 2014-05-05 18:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 13:15 - 2014-05-05 18:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 13:15 - 2014-05-05 18:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 13:15 - 2014-05-05 17:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 13:15 - 2014-05-05 17:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 13:15 - 2014-05-05 17:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 12:10 - 2012-07-25 21:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-05-30 12:10 - 2012-07-25 21:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-05-30 12:10 - 2012-07-25 21:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-05-30 12:10 - 2012-07-25 21:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-05-30 12:10 - 2012-07-25 21:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-05-30 12:10 - 2012-07-25 20:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-05-30 12:10 - 2012-07-25 20:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-05-30 12:10 - 2012-06-02 08:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-27 23:17 - 2014-05-27 23:18 - 00051617 _____ () C:\Users\Mark \Desktop\Addition.txt
2014-05-27 23:16 - 2014-06-01 14:04 - 00000000 ____D () C:\FRST
2014-05-27 23:14 - 2014-06-01 14:04 - 02067456 _____ (Farbar) C:\Users\Mark \Desktop\FRST64.exe
2014-05-27 20:39 - 2014-05-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-27 16:32 - 2013-11-26 19:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-27 16:32 - 2013-11-26 19:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-27 16:32 - 2013-11-26 19:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-27 16:32 - 2013-11-26 19:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-27 16:32 - 2013-11-26 19:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-05-27 16:32 - 2013-11-26 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-05-27 16:32 - 2013-11-26 19:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-27 16:32 - 2013-10-18 20:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-05-27 16:32 - 2013-10-18 19:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-05-27 16:31 - 2013-07-12 04:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-05-27 16:31 - 2013-07-12 04:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-05-27 16:31 - 2013-07-08 23:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-05-27 16:31 - 2013-07-08 22:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-05-27 16:31 - 2013-07-02 22:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-05-27 16:31 - 2013-07-02 22:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-05-27 16:31 - 2013-07-02 22:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-05-27 16:31 - 2013-06-25 16:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-05-27 16:31 - 2012-11-28 16:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-05-27 16:31 - 2012-11-28 16:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-05-27 16:31 - 2012-11-28 16:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-05-27 16:30 - 2013-01-03 00:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-05-27 16:27 - 2014-02-06 19:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-27 16:27 - 2014-01-28 20:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-27 16:27 - 2014-01-28 20:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-27 16:27 - 2013-12-05 20:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-27 16:27 - 2013-12-05 20:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-27 16:27 - 2013-12-05 20:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-27 16:27 - 2013-12-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-27 16:27 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-05-27 16:27 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-27 16:27 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-05-27 16:27 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-05-27 16:27 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-05-27 16:27 - 2013-10-03 20:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-05-27 16:27 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-05-27 16:27 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-05-27 16:27 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-05-27 16:27 - 2013-10-03 19:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-05-27 16:27 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-05-27 16:27 - 2013-07-08 23:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-05-27 16:27 - 2013-07-08 23:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-05-27 16:27 - 2013-07-08 22:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-05-27 16:27 - 2013-07-08 22:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-05-27 16:26 - 2013-12-03 20:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-05-27 16:26 - 2013-12-03 20:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-05-27 16:26 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-05-27 16:26 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-05-27 16:26 - 2013-12-03 20:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-27 16:26 - 2013-12-03 20:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-05-27 16:26 - 2013-12-03 20:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-05-27 16:26 - 2013-12-03 20:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-05-27 16:26 - 2013-12-03 20:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-05-27 16:26 - 2013-12-03 20:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-27 16:26 - 2013-12-03 20:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-27 16:26 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-27 16:26 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-27 16:26 - 2013-12-03 20:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-27 16:26 - 2013-12-03 19:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-27 16:26 - 2013-12-03 19:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-27 16:26 - 2013-12-03 19:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-27 16:26 - 2013-12-03 19:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-27 16:26 - 2013-06-05 23:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-05-27 16:26 - 2013-06-05 23:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-05-27 16:26 - 2013-06-05 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-05-27 16:26 - 2013-06-05 23:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-05-27 16:26 - 2013-06-05 22:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-05-27 16:26 - 2013-06-05 22:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-05-27 16:26 - 2013-06-05 22:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-05-27 16:26 - 2013-06-05 21:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-05-27 16:26 - 2013-06-05 21:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-05-27 16:26 - 2013-06-05 21:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-05-27 16:26 - 2013-02-11 22:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-05-27 16:26 - 2012-10-31 23:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-05-27 16:26 - 2012-10-31 22:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-05-27 16:26 - 2012-10-03 11:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-05-27 16:26 - 2012-10-03 11:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-05-27 16:26 - 2012-10-03 11:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-05-27 16:26 - 2012-10-03 11:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-05-27 16:26 - 2012-10-03 11:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-05-27 16:26 - 2012-10-03 11:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-05-27 16:26 - 2012-10-03 10:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-05-27 16:26 - 2012-10-03 10:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-05-27 16:26 - 2012-10-03 10:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-05-27 16:26 - 2012-10-03 10:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-05-27 16:26 - 2012-01-13 01:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-05-27 16:25 - 2014-04-11 20:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-27 16:25 - 2014-04-11 20:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-27 16:25 - 2014-04-11 20:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-27 16:25 - 2014-04-11 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-27 16:25 - 2014-04-11 20:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-27 16:25 - 2014-04-11 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-27 16:25 - 2014-04-11 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-27 16:25 - 2014-04-11 20:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-27 16:25 - 2014-04-11 20:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-27 16:25 - 2014-03-04 03:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-27 16:25 - 2014-03-04 03:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-27 16:25 - 2014-03-04 03:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-27 16:25 - 2014-03-04 03:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-27 16:25 - 2014-03-04 03:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-27 16:25 - 2014-03-04 03:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-27 16:25 - 2014-03-04 03:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-27 16:25 - 2014-03-04 03:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-27 16:25 - 2014-03-04 03:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-27 16:25 - 2014-03-04 03:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-27 16:25 - 2014-03-04 03:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-27 16:25 - 2014-03-04 03:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-27 16:25 - 2014-03-04 03:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-27 16:25 - 2014-03-04 03:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-27 16:25 - 2014-03-04 03:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-27 16:25 - 2014-03-04 03:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-27 16:25 - 2014-03-04 03:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-27 16:25 - 2014-03-04 03:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-27 16:25 - 2014-03-04 03:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-27 16:25 - 2014-03-04 03:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-27 16:25 - 2014-03-04 03:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-27 16:25 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-05-27 16:25 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-05-27 16:25 - 2013-08-01 20:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-05-27 16:25 - 2013-08-01 20:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-05-27 16:25 - 2013-08-01 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-05-27 16:25 - 2013-08-01 18:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-05-27 16:25 - 2013-07-04 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-05-27 16:25 - 2013-07-04 06:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-05-27 16:25 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-27 16:25 - 2013-07-04 05:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-05-27 16:25 - 2013-07-04 05:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-05-27 16:25 - 2013-07-04 04:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-05-27 16:25 - 2012-11-01 23:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-05-27 16:25 - 2012-11-01 23:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-05-27 16:24 - 2013-11-11 20:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-05-27 16:24 - 2013-11-11 20:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-05-27 16:24 - 2013-08-04 20:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-05-27 16:24 - 2013-07-25 03:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-05-27 16:24 - 2013-07-25 02:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-05-27 16:24 - 2013-06-14 22:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-05-27 16:24 - 2012-08-22 12:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-05-27 16:24 - 2012-07-04 14:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-05-27 16:23 - 2012-12-07 07:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-05-27 16:23 - 2012-12-07 07:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-05-27 16:23 - 2012-12-07 06:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-05-27 16:23 - 2012-12-07 06:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-05-27 16:23 - 2012-12-07 05:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-05-27 16:23 - 2012-12-07 05:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-05-27 16:23 - 2012-12-07 05:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-05-27 16:23 - 2012-12-07 05:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-05-27 16:23 - 2012-12-07 05:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-05-27 16:23 - 2012-12-07 05:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-05-27 16:23 - 2012-12-07 05:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-05-27 16:23 - 2012-12-07 05:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-05-27 16:23 - 2012-12-07 05:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-05-27 16:23 - 2012-12-07 05:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-05-27 16:23 - 2012-12-07 05:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-05-27 16:23 - 2012-12-07 05:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-05-27 16:23 - 2012-12-07 05:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-05-27 16:23 - 2012-12-07 05:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-05-27 16:23 - 2012-12-07 04:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-05-27 16:23 - 2012-11-21 23:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-05-27 16:23 - 2012-11-21 22:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-05-27 16:23 - 2012-08-21 15:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-05-27 16:22 - 2013-09-07 20:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-05-27 16:22 - 2013-09-07 20:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-05-27 16:21 - 2013-11-26 05:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-27 16:21 - 2013-09-07 20:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-27 16:21 - 2013-08-28 20:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-05-27 16:21 - 2013-08-28 20:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-05-27 16:21 - 2013-08-28 20:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-05-27 16:21 - 2013-08-28 19:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-27 16:21 - 2013-08-28 19:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-05-27 16:21 - 2013-08-28 19:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-05-27 16:21 - 2012-11-29 17:17 - 00420064 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-27 16:21 - 2012-11-29 17:15 - 00420064 _____ () C:\Windows\system32\locale.nls
2014-05-27 16:20 - 2014-02-03 20:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-27 16:20 - 2014-02-03 20:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-27 16:20 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-05-27 16:20 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-27 16:20 - 2013-04-25 23:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-05-27 16:20 - 2013-04-25 22:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-05-27 16:20 - 2012-09-25 16:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-05-27 16:20 - 2012-09-25 16:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-05-27 16:19 - 2013-07-25 20:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-27 16:19 - 2013-07-25 20:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-05-27 16:19 - 2013-07-25 19:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-27 16:19 - 2013-07-25 19:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-05-27 16:19 - 2013-05-09 23:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-05-27 16:19 - 2013-05-09 21:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-27 16:18 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-27 16:18 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-27 16:18 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-27 16:18 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-27 16:18 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-27 16:18 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-27 16:18 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-27 16:18 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-27 16:18 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-27 16:18 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-27 16:18 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-27 16:18 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-27 16:18 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-27 16:18 - 2013-08-01 20:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-05-27 16:18 - 2013-08-01 18:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 18:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 18:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-27 16:18 - 2013-08-01 18:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-27 16:18 - 2013-07-20 04:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-27 16:18 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-27 16:18 - 2013-01-24 00:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-27 16:18 - 2012-11-22 21:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-05-27 16:13 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-05-27 16:13 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-05-27 16:13 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-05-27 16:13 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-27 16:13 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-05-27 16:13 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-05-27 16:13 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-05-27 16:13 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-05-27 16:13 - 2013-08-27 03:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-05-27 16:13 - 2013-08-27 03:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-05-27 16:13 - 2013-08-27 02:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-27 16:13 - 2013-08-01 06:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-27 16:13 - 2013-05-12 23:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-05-27 16:13 - 2013-05-12 21:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-05-27 16:13 - 2013-05-12 21:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-05-27 16:13 - 2013-05-12 21:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-05-27 16:13 - 2013-04-10 00:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-27 16:13 - 2011-02-03 05:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-05-27 15:51 - 2013-05-09 23:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-05-27 15:51 - 2013-05-09 23:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-05-27 15:51 - 2013-05-09 22:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-05-27 15:51 - 2013-05-09 22:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-05-27 15:37 - 2014-05-27 15:37 - 00271840 _____ () C:\Windows\Minidump\052714-28236-01.dmp
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieUserList
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieSiteList
2014-05-27 14:19 - 2014-05-27 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-27 14:08 - 2014-05-27 14:08 - 00002916 _____ () C:\Users\Mark \Desktop\RKreport[0]_S_05272014_140830.txt
2014-05-27 14:01 - 2014-05-27 14:58 - 00000000 ____D () C:\Users\Mark \Desktop\RK_Quarantine
2014-05-27 12:57 - 2014-05-30 12:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-27 12:27 - 2014-05-27 20:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-27 00:13 - 2014-01-27 20:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-27 00:13 - 2013-10-29 20:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-05-27 00:13 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-05-27 00:13 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-05-27 00:13 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-05-27 00:13 - 2013-03-18 23:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-05-26 23:24 - 2014-05-30 00:15 - 00000000 ____D () C:\Users\Mark \AppData\Local\CrashDumps
2014-05-26 23:19 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-26 23:19 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-26 23:19 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-26 23:19 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-26 23:19 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-26 23:19 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-05-26 23:12 - 2014-03-07 22:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-26 23:12 - 2014-03-07 21:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-26 23:12 - 2014-03-07 21:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-26 23:12 - 2014-03-07 21:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-26 23:12 - 2014-03-07 21:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-26 23:12 - 2014-03-07 21:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-26 23:12 - 2014-03-07 21:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-26 23:12 - 2014-03-07 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-26 23:12 - 2014-03-07 21:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-26 23:12 - 2014-03-07 21:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-26 23:12 - 2014-03-07 21:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-26 23:12 - 2014-03-07 21:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-26 23:12 - 2014-03-07 21:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-26 23:12 - 2014-03-07 17:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-26 23:12 - 2014-03-07 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-26 23:12 - 2014-03-07 17:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-26 23:12 - 2014-03-07 17:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-26 23:12 - 2014-03-07 17:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-26 23:12 - 2014-03-07 17:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-26 23:12 - 2014-03-07 16:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-26 23:12 - 2014-03-07 16:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-26 23:12 - 2014-03-07 16:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-26 23:12 - 2014-03-07 16:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-26 23:12 - 2014-03-07 16:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-26 23:12 - 2014-03-07 16:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-26 23:12 - 2014-03-07 16:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-26 23:10 - 2014-05-26 23:11 - 00263264 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-05-26 22:16 - 2014-05-27 17:20 - 00000000 ____D () C:\Users\Mark \Desktop\mbar
2014-05-26 22:16 - 2014-05-26 23:28 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 22:12 - 2014-05-26 22:12 - 03972608 _____ () C:\Users\Mark \Desktop\RogueKiller.exe
2014-05-26 22:10 - 2014-05-26 22:10 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark \Desktop\mbar-1.07.0.1009.exe
2014-05-26 21:53 - 2014-05-26 21:53 - 01016261 _____ (Thisisu) C:\Users\Mark \Desktop\JRT.exe
2014-05-26 20:05 - 2014-05-27 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-26 19:41 - 2014-05-27 17:12 - 00000000 ____D () C:\Windows\ERUNT
2014-05-26 19:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-26 19:25 - 2014-05-26 19:25 - 01327971 _____ () C:\Users\Mark \Desktop\adwcleaner_3.211.exe
2014-05-12 13:41 - 2014-05-12 14:44 - 00000000 ____D () C:\Users\Mark \Desktop\JA
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Program Files\Realtek
2014-05-02 19:19 - 2014-05-02 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-02 19:19 - 2013-11-05 19:47 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-02 19:19 - 2013-11-05 15:48 - 00681905 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-02 19:19 - 2013-11-04 19:26 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-02 19:19 - 2013-11-04 11:11 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-02 19:19 - 2013-10-28 17:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-02 19:19 - 2013-10-18 16:41 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-05-02 19:19 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-05-02 19:19 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-05-02 19:19 - 2013-10-09 20:12 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-05-02 19:19 - 2013-10-09 20:12 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-05-02 19:19 - 2013-10-09 20:12 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-05-02 19:19 - 2013-10-07 11:05 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-05-02 19:19 - 2013-10-02 17:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-02 19:19 - 2013-09-26 21:40 - 01993496 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2014-05-02 19:19 - 2013-09-26 21:40 - 01722648 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2014-05-02 19:19 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-02 19:19 - 2013-07-30 14:04 - 00397080 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-05-02 19:19 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-05-02 19:19 - 2013-01-11 16:27 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2014-05-02 19:19 - 2013-01-11 16:27 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2014-05-02 19:19 - 2012-06-08 16:21 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2014-05-02 19:19 - 2012-06-08 16:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2014-05-02 19:19 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-05-02 19:19 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-05-02 19:19 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-05-02 19:19 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-05-02 19:19 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-05-02 19:19 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-05-02 19:19 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-05-02 19:18 - 2014-05-02 19:20 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-05-02 19:18 - 2013-09-13 18:44 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll


New FRST log continued:

 

==================== One Month Modified Files and Folders =======

2014-06-01 14:04 - 2014-06-01 14:04 - 00038116 _____ () C:\Users\Mark \Desktop\FRST.txt
2014-06-01 14:04 - 2014-06-01 14:04 - 00000000 ____D () C:\Users\Mark \Desktop\FRST-OlderVersion
2014-06-01 14:04 - 2014-05-27 23:16 - 00000000 ____D () C:\FRST
2014-06-01 14:04 - 2014-05-27 23:14 - 02067456 _____ (Farbar) C:\Users\Mark \Desktop\FRST64.exe
2014-06-01 14:04 - 2011-09-08 18:17 - 00000000 ____D () C:\Users\Mark \AppData\Local\Temp
2014-06-01 14:03 - 2013-12-16 18:05 - 00000000 ____D () C:\Users\Mark \AppData\Local\PMB Files
2014-06-01 14:03 - 2013-12-16 18:05 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-01 13:23 - 2012-03-31 13:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-01 13:10 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-01 13:10 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-01 13:08 - 2009-07-13 23:13 - 00726270 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 13:02 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-01 13:02 - 2009-07-13 22:51 - 00129071 _____ () C:\Windows\setupact.log
2014-06-01 03:30 - 2011-09-08 18:17 - 01753251 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 01:50 - 2014-06-01 01:50 - 00003264 ____N () C:\bootsqm.dat
2014-05-31 15:10 - 2014-05-31 15:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-31 15:10 - 2014-05-31 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-31 15:10 - 2011-09-10 02:19 - 00000000 ____D () C:\ProgramData\Skype
2014-05-31 15:10 - 2011-09-08 19:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-31 01:02 - 2011-09-27 10:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-30 16:48 - 2011-09-08 18:28 - 00087816 _____ () C:\Users\Mark \AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-30 16:48 - 2011-09-08 18:18 - 00000000 ___RD () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 16:48 - 2011-09-08 18:18 - 00000000 ___RD () C:\Users\Mark \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-30 16:48 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-30 16:44 - 2009-07-13 22:45 - 00346184 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-30 16:42 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-30 16:42 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-30 16:40 - 2013-12-16 21:16 - 00000448 _____ () C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Mark ).job
2014-05-30 16:39 - 2011-09-08 19:26 - 00096540 _____ () C:\Windows\PFRO.log
2014-05-30 12:43 - 2013-12-16 22:00 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-05-30 12:43 - 2013-12-16 22:00 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-05-30 12:43 - 2013-12-16 21:59 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-05-30 12:43 - 2013-12-16 21:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-05-30 12:31 - 2014-05-27 12:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-30 00:15 - 2014-05-26 23:24 - 00000000 ____D () C:\Users\Mark \AppData\Local\CrashDumps
2014-05-29 21:58 - 2011-09-10 02:19 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Skype
2014-05-29 18:44 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-05-29 12:56 - 2011-11-10 00:29 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\uTorrent
2014-05-28 14:29 - 2009-07-14 01:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-27 23:18 - 2014-05-27 23:17 - 00051617 _____ () C:\Users\Mark \Desktop\Addition.txt
2014-05-27 22:37 - 2013-11-09 17:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-05-27 20:39 - 2014-05-27 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-27 20:39 - 2014-05-27 12:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-27 20:39 - 2011-10-01 12:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-27 17:21 - 2009-07-14 01:45 - 00000000 ____D () C:\Windows\ShellNew
2014-05-27 17:21 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-05-27 17:21 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-27 17:21 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-27 17:20 - 2014-05-26 22:16 - 00000000 ____D () C:\Users\Mark \Desktop\mbar
2014-05-27 17:20 - 2014-05-26 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-27 17:20 - 2013-08-25 20:39 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\FLEXnet
2014-05-27 17:20 - 2011-11-28 21:27 - 00000000 ____D () C:\Users\Mark \AppData\Roaming\Ventrilo
2014-05-27 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\servicing
2014-05-27 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-27 17:20 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-27 17:19 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2014-05-27 17:12 - 2014-05-26 19:41 - 00000000 ____D () C:\Windows\ERUNT
2014-05-27 15:37 - 2014-05-27 15:37 - 00271840 _____ () C:\Windows\Minidump\052714-28236-01.dmp
2014-05-27 15:37 - 2011-11-10 03:32 - 241784196 _____ () C:\Windows\MEMORY.DMP
2014-05-27 15:37 - 2011-11-10 03:32 - 00000000 ____D () C:\Windows\Minidump
2014-05-27 15:37 - 2011-09-08 18:17 - 00000000 ____D () C:\Users\Mark
2014-05-27 14:58 - 2014-05-27 14:01 - 00000000 ____D () C:\Users\Mark \Desktop\RK_Quarantine
2014-05-27 14:57 - 2014-05-27 14:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieUserList
2014-05-27 14:40 - 2014-05-27 14:40 - 00000000 __SHD () C:\Users\Mark \AppData\Local\EmieSiteList
2014-05-27 14:12 - 2013-10-02 21:18 - 00000000 ____D () C:\AdwCleaner
2014-05-27 14:08 - 2014-05-27 14:08 - 00002916 _____ () C:\Users\Mark \Desktop\RKreport[0]_S_05272014_140830.txt
2014-05-26 23:28 - 2014-05-26 22:16 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-26 23:11 - 2014-05-26 23:10 - 00263264 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-05-26 22:12 - 2014-05-26 22:12 - 03972608 _____ () C:\Users\Mark \Desktop\RogueKiller.exe
2014-05-26 22:10 - 2014-05-26 22:10 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Mark \Desktop\mbar-1.07.0.1009.exe
2014-05-26 21:53 - 2014-05-26 21:53 - 01016261 _____ (Thisisu) C:\Users\Mark \Desktop\JRT.exe
2014-05-26 19:25 - 2014-05-26 19:25 - 01327971 _____ () C:\Users\Mark \Desktop\adwcleaner_3.211.exe
2014-05-13 13:23 - 2012-03-31 13:45 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 13:23 - 2012-03-31 13:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 13:23 - 2011-09-08 18:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-12 14:44 - 2014-05-12 13:41 - 00000000 ____D () C:\Users\Mark \Desktop\JA
2014-05-12 02:52 - 2011-11-05 18:04 - 00209660 _____ () C:\Windows\DirectX.log
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-05-06 01:03 - 2014-05-06 01:03 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-05-05 18:46 - 2014-05-30 13:15 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-05 18:21 - 2014-05-30 13:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 18:21 - 2014-05-30 13:15 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 17:32 - 2014-05-30 13:15 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 17:14 - 2014-05-30 13:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 17:14 - 2014-05-30 13:15 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 17:12 - 2011-09-14 00:29 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-02 19:20 - 2014-05-02 19:20 - 00000000 ____D () C:\Program Files\Realtek
2014-05-02 19:20 - 2014-05-02 19:18 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-05-02 19:19 - 2014-05-02 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-02 19:19 - 2012-01-17 18:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

Files to move or delete:
====================
C:\Users\Mark \jagex_cl_oldschool_LIVE.dat
C:\Users\Mark \jagex_cl_runescape_LIVE.dat
C:\Users\Mark \jagex_cl_runescape_LIVE1.dat
C:\Users\Mark \random.dat

Some content of TEMP:
====================
C:\Users\Mark \AppData\Local\Temp\0905.dll
C:\Users\Mark \AppData\Local\Temp\11-9_vista64_win7_64_dd_ccc_ocl.exe
C:\Users\Mark \AppData\Local\Temp\2jfuweif.exe
C:\Users\Mark \AppData\Local\Temp\fad3134439b1327d0721db6f5e25b3ca.dll
C:\Users\Mark \AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Mark \AppData\Local\Temp\installerdll21427220.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21631254.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21777833.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21778971.dll
C:\Users\Mark \AppData\Local\Temp\installerdll21785040.dll
C:\Users\Mark \AppData\Local\Temp\installerdll22187008.dll
C:\Users\Mark \AppData\Local\Temp\installerdll30077881.dll
C:\Users\Mark \AppData\Local\Temp\installerdll30078833.dll
C:\Users\Mark \AppData\Local\Temp\installerdll30085026.dll
C:\Users\Mark \AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Mark \AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Mark \AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Mark \AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Mark \AppData\Local\Temp\ntdll_dump.dll
C:\Users\Mark \AppData\Local\Temp\OriginLauncher21777833.exe
C:\Users\Mark \AppData\Local\Temp\OriginLauncher30077881.exe
C:\Users\Mark \AppData\Local\Temp\rootsupd.exe
C:\Users\Mark \AppData\Local\Temp\Setup.exe
C:\Users\Mark \AppData\Local\Temp\sonarinst.exe
C:\Users\Mark \AppData\Local\Temp\SRLDetectionLibrary8476160233330623433.dll
C:\Users\Mark \AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Mark \AppData\Local\Temp\tbBitT.dll
C:\Users\Mark \AppData\Local\Temp\tbuTo0.dll
C:\Users\Mark \AppData\Local\Temp\tbuTor.dll
C:\Users\Mark \AppData\Local\Temp\tbWhit.dll
C:\Users\Mark \AppData\Local\Temp\tmp1479.exe
C:\Users\Mark \AppData\Local\Temp\tmp1534.exe
C:\Users\Mark \AppData\Local\Temp\tmp3DDA.exe
C:\Users\Mark \AppData\Local\Temp\tmp44BC.exe
C:\Users\Mark \AppData\Local\Temp\tmp5B58.exe
C:\Users\Mark \AppData\Local\Temp\tmp785A.exe
C:\Users\Mark \AppData\Local\Temp\tmpB6C0.exe
C:\Users\Mark \AppData\Local\Temp\tmpC09F.exe
C:\Users\Mark \AppData\Local\Temp\tmpD98D.exe
C:\Users\Mark \AppData\Local\Temp\tmpF6A.exe
C:\Users\Mark \AppData\Local\Temp\tmpFF54.exe
C:\Users\Mark \AppData\Local\Temp\utildel.exe
C:\Users\Mark \AppData\Local\Temp\vcredist_x64.exe
C:\Users\Mark \AppData\Local\Temp\vcredist_x86.exe
C:\Users\Mark \AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Mark \AppData\Local\Temp\_is5BED.exe
C:\Users\Mark \AppData\Local\Temp\_isD503.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-29 18:37

==================== End Of Log ============================


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by Mark  at 2014-06-04 13:08:21 Run:2
Running from C:\Users\Mark \Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
S1 cqtpeswt; \??\C:\Windows\system32\drivers\cqtpeswt.sys [X]
S1 lxnqqfmk; \??\C:\Windows\system32\drivers\lxnqqfmk.sys [X]
C:\Users\Mark \AppData\Local\Temp\0905.dll
C:\Users\Mark \AppData\Local\Temp\2jfuweif.exe
End

*****************

cqtpeswt => Service deleted successfully.
lxnqqfmk => Service deleted successfully.
"C:\Users\Mark \AppData\Local\Temp\0905.dll" => File/Directory not found.
"C:\Users\Mark \AppData\Local\Temp\2jfuweif.exe" => File/Directory not found.

==== End of Fixlog ====


Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

I successfully ran ComboFix, and received the log, but for some reason it isn't allowing me to copy/paste it onto here. When I click "paste", nothing happens. After trying a few things out, it seems like I am able to use copy/paste on both Notepad, and Microsoft Word, just not on these forums. As a result, I'll put it as an attachment. Sorry for the inconvenience.

 

 

ComboFix.txt


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Registry::

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"3400438930"=-

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the ESET Smart Installer icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

  • 2 weeks later...

Well, everything seems to be running much better than before. However, I'm still having multiple instances of "iexplore.exe" open in the task manager without even having IE open, but they don't appear to be using up much memory, and sometimes I don't have any appear for extended periods of time.

 

I've started to constantly get popups of Malwarebytes blocking "malicious websites" in the bottom right corner of my screen, and I assume this might be related to the original problem. These don't appear to stop, and by the time one of the popups goes away, a new one from a different domain pops right back up. I'm not familiar with any of the domains listed, but I'll attach a picture of a few of them that I'm getting in hopes that this will help you in some way. I've blocked out the IP address, since that appears to be mine.

post-164876-0-24259500-1404333575_thumb.


Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log

  • 2 weeks later...

Downloaded and tried running JRT, and in the Command Prompt that opened up, the first 6 lines said "The system cannot find the file specified." The last line says "Press any key to continue", and when I do that, it starts to "Backup the registry", and then just closes, and didn't appear to do anything.


  • 3 weeks later...
This topic is now closed to further replies.