1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

[Solved] PC preforming horribly

Discussion in 'Malware Removal Help' started by Connor Merenda, Jul 2, 2014.

Page 1 of 2
  1. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    Hi, in the past month or so I've noticed my laptop start to preform really bad. I used to run games perfect without any frame rate issues for about a year. Then all of the sudden almost all games run horribly with extremely low settings. I've tried multiple things such as cleaning the dust out and system restore but nothing has worked so far. I think I might have some sort of virus that is using up my gpu or cpu while I play games.



    My laptop:


    Gpu: Nividia GT 650m

    Cpu: Intel Core i7-3610QM

    Ram: 8 gb



    Thanks in advance,

    Connor
     
    Connor Merenda, Jul 2, 2014
    #1
  3. Plastic Nev

    Plastic Nev SUPER MODERATOR IN MEMORY

    Joined:
    May 2, 2009
    Messages:
    2,801
    Location:
    In front of a monitor in Blackburn Lanc's UK.
    Operating System:
    Windows 7
    Hi Connor and welcome to Computer Help Forums.
    There can be many causes for this slowing down, however, if you suspect virus or other malware as the possible reason, we can hopefully sort that out for you first, please read all on this page :-

    http://computerhelpforums.net/threads/preparation-for-malware-removal-help-windows-8.36476/

    You can post those logs on this thread for now and if needed the thread will be moved to the Malware removal section later.

    Nev.
     
    Plastic Nev, Jul 2, 2014
    #2
  4. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    Thanks! I will give you all the logs when I'm done!
     
    Connor Merenda, Jul 2, 2014
    #3
  5. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    Malwarebyte:
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 7/2/2014
    Scan Time: 2:30:38 PM
    Logfile:
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.02.06
    Rootkit Database: v2014.07.01.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8
    CPU: x64
    File System: NTFS
    User: conno_000

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 316431
    Time Elapsed: 20 min, 12 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 3
    Heuristics.Shuriken, C:\Users\conno_000\AppData\Roaming\Adobe\hkcmd.exe, 5664, Delete-on-Reboot, [ffffffffffffffffffffffffffffffff]
    Trojan.BitCoinMiner, C:\Windows\Temp\svchost.exe, 8528, Delete-on-Reboot, [3d817129364583b3de9447c7758c8080]
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\QuickShare.exe, 5748, Delete-on-Reboot, [308e7f1b99e24beb54258f5b3ec514ec]

    Modules: 30
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\MACTrackBarLib.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sgml.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spbl.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sidb.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\siem.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sipb.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\smta.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\smtu.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spbe.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sppsm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spusm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srau.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbs.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbu.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srns.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srom.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srpdm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srsbsau.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srut.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],

    Registry Keys: 14
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESmartBar.BHO, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [318d1684b1ca2e085a2700f7996afb05],
    PUP.Optional.DoSearches.A, HKLM\SOFTWARE\WOW6432NODE\dosearchesSoftware, Quarantined, [1ba3980292e965d17d1f8669b152d32d],
    PUP.Optional.Ligtning.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cekcjpgehmohobmdiikfnopibipmgnml, Quarantined, [e1ddf5a512696ec8c51d904113efb848],
    PUP.Optional.Elex.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ifohbjbgfchkkfhphahclmkpgejiplfo, Quarantined, [fbc3168444373afc6837c12e49ba2cd4],
    PUP.Optional.SmartBar, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarBackup, Quarantined, [ead4c6d4e49795a161c9b0542fd53ac6],
    PUP.Optional.SmartBar, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, Quarantined, [e4da702a2c4fe94df9308b7941c3c53b],
    PUP.Optional.Softonic.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [536bd5c55f1cd3631d5d2e96ce34bf41],

    Registry Values: 4
    Heuristics.Shuriken, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Keyboard Inf., C:\Users\conno_000\AppData\Roaming\Adobe\hkcmd.exe, Quarantined, [ffffffffffffffffffffffffffffffff]
    PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll C:\Windows\system32\nvinitx.dll, Quarantined, [c2fca3f784f701356216848749bb11ef]
    PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\Windows\SysWOW64\nvinit.dll, Quarantined, [b509e1b9ef8cad89cfa98a8113f1916f]
    PUP.Optional.SmartBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Infrastructure Helper, C:\Users\conno_000\AppData\Local\Smartbar\Application\QuickShare.exe startup, Quarantined, [308e7f1b99e24beb54258f5b3ec514ec]

    Registry Data: 20
    PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\Windows\SysWOW64\nvinit.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll),Replaced,[803e1c7e4b301e1857ee1113649d33cd]
    PUP.Optional.Conduit.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll C:\Windows\system32\nvinitx.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll),Replaced,[9f1fa9f1403bfb3b202520040df43ec2]
    PUP.Optional.DoSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[5e60f5a5ee8d9f9741442769877df20e]
    PUP.Optional.DoSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[bc0279213546f541295d137dde26ba46]
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[13ab1d7dfa8180b6774ac7c953b17b85]
    PUP.Optional.DoSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[4e703a60fa81bf77b9cc0c84966efa06]
    PUP.Optional.DoSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[5d617c1ea6d56ccab2d44e4283817888]
    PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[47773a600675fc3a11b00d83fc08e21e]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[15a99dfda0dbd660ffe2355141c3ab55]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[c3fb059580fb49edd5f567290202817f]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.helperbar.com/?p=mKO_Aw...ABb3_LJSr6CSLC0Vyfdhtur_36d74x8oM4KW_Wpb2f5ok,, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[0bb34c4e3447e2541bc7622449bb7b85]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.helperbar.com/?p=mKO_Aw...ABb3_LJSr6CSLC0Vyfdhtur_36d74x8oM4KW_Wpb2f5ok,, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[d5e97228522942f4c00b226e36ceda26]
    PUP.Optional.DoSearches, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[4a7475256e0d8ea8bac95e32689c1de3]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[5965673335460a2cf1efe0a6a460c53b]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[d4ea97031863a98d5970a0f0a65e29d7]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[47773f5b07741e182fb4a5e181839e62]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[d6e8faa0f2890432bc10612f1ee69967]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[d8e627736714d85ea73d553139cb39c7]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[17a78e0c3f3c93a35578048cf90b0ff1]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[15a9a9f18cef88ae538c295d4bb9a060]

    Folders: 43
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ar, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\de, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\es, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\fr, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\he, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\it, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\nl, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\pt, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ru, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\tr, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\icons, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\10.201.1.12915, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\11.24.60.15709, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\plugins, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi\defaults, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi\defaults\preferences, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE, Quarantined, [8a34207a1467af87394598ffb2501de3],
    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Delete-on-Reboot, [c4fa75251962ec4a82105642639f669a],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\CSS, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SearchProtect.A, C:\Users\conno_000\AppData\Local\SearchProtect, Quarantined, [0faf1c7e8cef3204835c98142cd6837d],
    PUP.Optional.SearchProtect.A, C:\Users\conno_000\AppData\Local\SearchProtect\SearchProtect, Quarantined, [0faf1c7e8cef3204835c98142cd6837d],
    PUP.Optional.Extutil.A, C:\Users\conno_000\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Quarantined, [05b9f2a8b7c476c0c37f2c8345bd0df3],
    PUP.Optional.Managera.A, C:\Users\conno_000\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Quarantined, [f0ce2f6bde9df1454300199633cf57a9],

    Files: 386
    Heuristics.Shuriken, C:\Users\conno_000\AppData\Roaming\Adobe\hkcmd.exe, Delete-on-Reboot, [ffffffffffffffffffffffffffffffff],
    Trojan.BitCoinMiner, C:\Windows\Temp\svchost.exe, Delete-on-Reboot, [3d817129364583b3de9447c7758c8080],
    PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, Delete-on-Reboot, [803e1c7e4b301e1857ee1113649d33cd],
    PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, Quarantined, [9f1fa9f1403bfb3b202520040df43ec2],
    RiskWare.Tool.CK, C:\$Recycle.Bin\S-1-5-21-2100282219-3180197948-4272881602-1005\$RQ2S484.exe, Quarantined, [fcc27b1f4932ee48e49c2da310f1f808],
    Trojan.BitCoinMiner, C:\Users\conno_000\AppData\Local\Temp\svchost.exe, Quarantined, [f9c5c0da0a71f3434b27ac621ce5ad53],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsg8E73.exe, Quarantined, [37878614d2a92b0b75d0b96b03fef709],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsi9358.exe, Quarantined, [1ca224762b5080b6df66bb69dd24da26],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsl28B4.exe, Quarantined, [5965a2f86c0f66d0b590b56f3cc545bb],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsoD5AD.exe, Quarantined, [6f4fff9b2a516bcb1a2b9d877c858779],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsu4C9A.exe, Quarantined, [229cdcbe0a7149ed1233f72dae53946c],
    PUP.Optional.QuickShare.A, C:\Users\conno_000\AppData\Local\Temp\QuickShare1.exe, Quarantined, [d3eb0c8ec8b36acc3c0cfa249e626c94],
    PUP.Optional.Somoto.A, C:\Users\conno_000\AppData\Local\Temp\nsuFDD0.tmp, Quarantined, [d1edc8d2720901356c5e8697fa074eb2],
    PUP.Optional.Somoto.A, C:\Users\conno_000\AppData\Local\Temp\nsv4F26.tmp, Quarantined, [47776535f2890432ffcbba63639e49b7],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsvDAFF.exe, Quarantined, [55691882a6d5b4824ef7f0343fc22bd5],
    PUP.Optional.Somoto.A, C:\Users\conno_000\AppData\Local\Temp\nswC9CD.tmp, Quarantined, [6d51ff9bd4a760d619b1a875cd346b95],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Temp\Installer.exe, Quarantined, [dce28b0f62193ef886c50b131de31ae6],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\mconduitinstaller.exe, Quarantined, [992562381a6185b199592ef03dc39e62],
    PUP.Optional.Somoto, C:\Users\conno_000\AppData\Local\Temp\bitool.dll, Quarantined, [b905d9c1205bee48c8c56eb935cdce32],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\SPStub.exe, Quarantined, [36882377c3b8092d3849071b6d94629e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\SPSetup.exe, Quarantined, [12acf5a55c1ffc3a1a2b869e4ab7758b],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\SecondStepInstaller.exe, Quarantined, [cef0d0ca2d4eef471b2a84a01fe2b848],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\djieoettjrbhgys\bpcsdwbc.exe, Quarantined, [1aa4c5d5f3882f0733e75e59cb3905fb],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\dtrcnecxbju\vyljbdnhza.exe, Quarantined, [714d87136516221485959f1809fbb44c],
    PUP.Optional.Wsys.A, C:\Users\conno_000\AppData\Local\Temp\eIntaller\AB410E803EEF43b6BC74358B501ADD4F\c9bde3823c.exe, Quarantined, [209e5a40b8c349edf73489a381803ac6],
    PUP.Optional.Wilsys.A, C:\Users\conno_000\AppData\Local\Temp\eIntaller\AB410E803EEF43b6BC74358B501ADD4F\eXQ.exe, Quarantined, [407e0397f6852d0932f8b97311f045bb],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\enqxczmztkka\rqflpems.exe, Quarantined, [ffbf36641e5dbf77f624c0f7976d9769],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\suetvvwwhgqwaff\vhunbxskd.exe, Quarantined, [0db113870b704ee8011933846c987b85],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\hbieranmug\rturrybkq.exe, Quarantined, [0bb305951d5e4ee86bafcaed21e3a957],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\hkfzznalbzdfscnk\haqojgacoaaq.exe, Quarantined, [a11db4e6aad1db5bd149eec9679dd32d],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\hkzqohvjjugsfce\wytpttiganx.exe, Quarantined, [c8f6b4e685f6a195a575d0e7c4409d63],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\vdqosbnxdlax\zqwyhice.exe, Quarantined, [a5195f3b7cff999d57c3c7f0ba4a2bd5],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\wawixhcoelgxj\haaqsuqswog.exe, Quarantined, [d1edacee3f3c0f2738e2cfe8fa0a11ef],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\npvedxpdzcsegydf\pvgrfeidzkd.exe, Quarantined, [49758b0f3b40a98d45d5a413dd27f30d],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\jplytsmiqo\febxvfuslu.exe, Quarantined, [d9e5f7a3b9c296a0001aaf08d92be818],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\jshtgxhtxusddb\newbnvuw.exe, Quarantined, [f1cd4f4ba0db63d319019d1a92721de3],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\jtzeqcmwghvgibl\dznndcmnlf.exe, Quarantined, [209e12885c1fef47e03a4b6c867e817f],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\AU\SPSetup.exe, Quarantined, [2b93f7a3601b1521271e56ce23deee12],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\axdfsbygtchqd\yvhppzmeok.exe, Quarantined, [229cedad8eedad8926f49324cf35d729],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\tqatlmborbkt\zlycujjqyklc.exe, Quarantined, [9f1f42583942033350ca5265bb49ed13],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\peragxrmmr\hehnewfkf.exe, Quarantined, [6c52debc2556ca6cd149d2e516eea35d],
    Trojan.Downloader.Agent, C:\Users\conno_000\AppData\Local\Temp\Phx77FE\checker.exe, Quarantined, [c3fb089276058caab2d032e4728fc43c],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\PhxC331\SweetPacks2.exe, Quarantined, [c0feebaf304b3501b43ecc526997b749],
    Trojan.Downloader.Agent, C:\Users\conno_000\AppData\Local\Temp\PhxFE37\checker.exe, Quarantined, [b30b29717efde45296ec2ee8f70a718f],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\plhjvbzqliopadx\qogpgsgg.exe, Quarantined, [1ba36337601b85b194869e19c0445da3],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\qrzupihftbhb\vcrntvgmvz.exe, Quarantined, [efcf108a9fdcdf5765b581360df78c74],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nwbcsdgxwufon\ykfulivwcd.exe, Quarantined, [bb035644b0cb2d0956c484334fb5ef11],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nwfasqerdlv\xmglavbsperu.exe, Quarantined, [8638c8d2d8a35bdb0119eec92dd71ee2],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nwtsemsemfoe\iwnhcomxeuhi.exe, Quarantined, [f1cd0694443784b237e3edcabd476e92],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nxxzujjvng\mznzxnzvh.exe, Quarantined, [625c32687803db5baa70bbfca85cc63a],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\oguztekamtap\kbstramd.exe, Quarantined, [9826b2e8601bee489288af085ea6619f],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\shozjyrxxolfpyzu\pupmbdtbogg.exe, Quarantined, [17a7bcde9dde1f170515bdfa2bd96997],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\sirnlxjyyj\kwvisbtbcfkt.exe, Quarantined, [e0de41597506de58f921ab0c877d8a76],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\mbbycizktlfi\apsjrbndimbb.exe, Quarantined, [c9f5aeec14676ccacd4d684f11f360a0],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\fnkyeogplhiqn\pectuiqnbfxz.exe, Quarantined, [3a84d8c2b3c8ed4938e23f7826de9b65],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\bvclkuifonofcvl\andamejxzy.exe, Quarantined, [813d1981314a87af26f46d4a818348b8],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\bzsjikaqyvkzus\aazyfqllccgq.exe, Quarantined, [cdf15e3c3b400432bc5eded98480e51b],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\cbcmpqltpxm\onnewwtlkyuu.exe, Quarantined, [d1edcecc6219d85e66b48e29ef15f50b],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\cbnuqraicluq\bampjwygzbg.exe, Quarantined, [f9c53169dba0bb7b45d5a413a75de020],
    PUP.Optional.SmartBar, C:\Users\conno_000\AppData\Local\Temp\MSI94F2.tmp-\Smartbar.Installer.CustomActions.dll, Quarantined, [0eb0633795e653e3c16e161839c71de3],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\myymjeqaoh\nvuxldhkircz.exe, Quarantined, [6856089291ea49ed4ad047707a8a7a86],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\ncaiufaozwom\jcweuzznvfel.exe, Quarantined, [407ee2b88fecd75f4dcde2d56e9657a9],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nnfvfakdohvemg\hnhkqacoq.exe, Quarantined, [13ab207abdbee84ec05a912611f37d83],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\jxeuetmlaafyz\lwufjbqkufmj.exe, Quarantined, [c1fdecaee794de5889913f78c73da060],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\rqvcqlqrsq\iclvpnqg.exe, Quarantined, [14aa4b4f7902ce68f9216156d331728e],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\ozerfgqndehxvvhb\xumujzsbj.exe, Quarantined, [625c4753d4a7b97d66b457601be99868],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\afomfhqseosetu\uwrzhibre.exe, Quarantined, [3c82aceefe7d77bfda400ea993718a76],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\xpajubnfrgq\hvthmkkkix.exe, Quarantined, [a01ecbcff8830630c8528730689cd12f],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\ywstkcsfwurvr\ckzlqdbx.exe, Quarantined, [6955217944373ff71901eec938cc12ee],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\yyakowcvibnxh\oowlijhx.exe, Quarantined, [17a71387b6c5d0665cbe8a2d25df0cf4],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zewihwirvwoq\ilhmdgyp.exe, Quarantined, [3e807d1d46352016db3f892e63a108f8],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zgywuhkyayedvdc\eudrldeszzbr.exe, Quarantined, [5767f8a2186376c00119298eba4a3cc4],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zhwskpcmyukz\qnyqfihjblt.exe, Quarantined, [9f1f1882e8938aacab6f3f7890749a66],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zlygukaxrd\bvxgwpxcxnh.exe, Quarantined, [437b23777ffc71c5b36701b60ef63fc1],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zptgdtdssgg\bmyokhfb.exe, Quarantined, [219dacee18637fb70b0fd5e254b0ac54],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zvrbwrtypupcxrip\ihqutbff.exe, Quarantined, [922c28727803a78f65b5d4e330d4bf41],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Temp\Smartbar\LinkuryInstaller.msi, Quarantined, [427c6f2b6d0e15217df3167331d042be],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Temp\Smartbar\3638f282-3a6a-42db-9eda-0adf883af7b5\LinkuryInstaller.msi, Quarantined, [9a24306a3843af87412fd3b6f809f50b],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\twdzcjesyovkykqg\ffwkelsq.exe, Quarantined, [ad115a4091ea40f6c9518532c63e8080],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\bevwcwfryi\jpmpxgsaz.exe, Quarantined, [6559356509723501af6b942341c347b9],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\tfofekoyocwy\rueekrrnk.exe, Quarantined, [a11d6c2eee8d013540da2f8803015ba5],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\udhjmzweznukhi\zedvayvmuqrf.exe, Quarantined, [07b7099159226fc705151d9aab593fc1],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\untqasrlfz\skkuvkhwlur.exe, Quarantined, [ba045f3b8af1df57011963543cc8f60a],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\cgjdqcdbqppp\thdrjvqc.exe, Quarantined, [5d61efabeb909f97ec2e5463897bed13],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\chLogic.exe, Quarantined, [0cb2f2a864173006d8a9a87a15ecb050],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\ctbe.exe, Quarantined, [6a5417839ae1d4626b31c25ce51bd12f],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\ffLogic.exe, Quarantined, [76487e1c37445adcdaa763bf54adfc04],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\ieLogic.exe, Quarantined, [c0fe9703a2d9999dee93899944bd57a9],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\spch.exe, Quarantined, [fcc2e2b852293afc5d2423fff70a5ca4],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\spff.exe, Quarantined, [75490d8d196293a3fc85c260cd341ee2],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\statisticsStub.exe, Quarantined, [af0fcdcd0675f046f80e3bd245bc30d0],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\stub.exe, Quarantined, [edd125753d3e8ea8975cbb63758be818],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\plugins\TBVerifier.dll, Quarantined, [ba040a900d6e37ff8f384cf6e21e9d63],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\wxbqijkaasmu\wbffviemrs.exe, Quarantined, [c9f56f2b62191422b9614374956f53ad],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\xopcyshvymk\yjvbjlagr.exe, Quarantined, [98262c6ebdbe56e0a377dcdb0bf9c040],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\ssmkoaouvkfhwfz\wkjljenofou.exe, Quarantined, [bd0108923843ff3789916b4c3fc554ac],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nszCA2E.exe, Quarantined, [a21c9406e4970432ada69c9357aae11f],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsc3EB4.exe, Quarantined, [4876e5b5b8c364d2d77c66c9e31e9769],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nscB323.exe, Quarantined, [e2dce5b592e92b0bc78cd956ce33e020],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd59C9.exe, Quarantined, [437bdebc42396acc381b042b4eb3ff01],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd699A.exe, Quarantined, [edd1306a205b063073e077b8af527d83],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsi3191.exe, Quarantined, [467832682f4c37ffd67d1b14d42d7789],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsj59E9.exe, Quarantined, [27974258b9c2e84e0a496cc314ed16ea],
    PUP.Optional.Conduit.A, C:\Windows\Temp\nsj6B3E.exe, Quarantined, [2b9348520774ac8a8eb7f3317988fe02],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoD8E3.exe, Quarantined, [c4fae4b6b9c276c089ca67c8ab5653ad],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsr921D.exe, Quarantined, [f8c6d7c3a8d33afc92c133fc8b760af6],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsrF898.exe, Quarantined, [615dcad029523ef84211dd52fe03d927],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss459C.exe, Quarantined, [972796041269a88ee271111eff02a65a],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss6870.exe, Quarantined, [714d9cfeed8e8da9a3b0fe3125dc22de],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nst72F0.exe, Quarantined, [417d405a0873e650f1622e01679ab14f],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsuDB1A.exe, Quarantined, [05b96931d3a8a78f480bdc537c8508f8],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsv76E8.exe, Quarantined, [0bb3b0ea85f6dd59e3700a25df2226da],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsv7DC9.exe, Quarantined, [02bc277323587db96ae976b924dd9c64],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nswBCDC.exe, Quarantined, [14aae2b8d6a547efb99ad9569170ae52],
    PUP.Optional.Amonetize.AS, C:\Users\conno_000\Downloads\7zip__2780_i37780377_il604572.exe, Quarantined, [d2ec7822ee8de94d25d94eccf60b34cc],
    PUP.Optional.LiveSoftAction, C:\Users\conno_000\Downloads\Angry Birds provided through Adscend Media Network CPA.exe, Quarantined, [2f8fddbdf68592a4f31d932b52b250b0],
    PUP.Optional.OpenCandy, C:\Users\conno_000\Downloads\DTLite4471-0337.exe, Quarantined, [97270e8c6417c274e546358014f056aa],
    PUP.Optional.OptimumInstaller.A, C:\Users\conno_000\Downloads\Chrome_Setup.exe, Quarantined, [7945f0aa6b1041f502a34a0922df08f8],
    PUP.Optional.Spigot.A, C:\Users\conno_000\Downloads\SFInstaller_SFFZ_filezilla_8706467_.exe, Quarantined, [f2cc3169bebdf73f1e93f436ac55ca36],
    HackTool.GamesCheat.Gen, C:\Users\conno_000\Downloads\Camo Unlocker V-33_mpgh.net.rar, Quarantined, [1ba38515cab15adcc1ce7131b94b54ac],
    PUP.Optional.Softonic, C:\Users\conno_000\Downloads\SoftonicDownloader_for_hamachi (1).exe, Quarantined, [8539b2e85a2175c1c4e5ae5cad54e61a],
    PUP.Optional.Softonic, C:\Users\conno_000\Downloads\SoftonicDownloader_for_hamachi.exe, Quarantined, [407ef6a47efd1323fcada06adc2528d8],
    PUP.Optional.Verti, C:\Users\conno_000\Downloads\TinyMediaPlayer_RocketFuelInstaller.exe, Quarantined, [5c622b6f5328a2945cac85a727da25db],
    PUP.Optional.Somoto.A, C:\Users\conno_000\AppData\Local\Bundled software uninstaller\bi_client.exe, Quarantined, [209e4d4d611a59dd96342fee669b07f9],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\BrowserHelper.exe, Quarantined, [a6188e0cfb80072f69071f6ac8391de3],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe, Quarantined, [6856396196e562d4b33dca5d27d97789],
    PUP.Optional.SmartBar, C:\Windows\Installer\MSI94F2.tmp, Quarantined, [e0de0b8f512ac3734fe0ae80ac54946c],
    PUP.Optional.SnapDo.A, C:\Windows\Installer\5040e52.msi, Quarantined, [38868614e59613232e42abde5fa2a060],
    PUP.Optional.SnapDo.A, C:\Windows\Installer\50411af.msi, Quarantined, [57675f3bbcbf0b2b660a2663c63bfe02],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage, Quarantined, [1f9f5149621990a622d5fac2c53da55b],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal, Quarantined, [427cb9e17a0185b154a309b3f012cc34],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastcontent.conduit.com_0.localstorage, Quarantined, [8a34f6a41368bc7a58a05c60eb179e62],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastcontent.conduit.com_0.localstorage-journal, Quarantined, [ae102f6b5a21d56127d1dede09f94fb1],
    PUP.Optional.Superfish.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [605e009a3843bc7a2229d1ecd230659b],
    PUP.Optional.Superfish.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [7c4275259ae150e62922ccf162a02bd5],
    PUP.Optional.WebSearch.A, C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\searchplugins\Web Search.xml, Quarantined, [ccf23c5ea4d7340207c98d3ec33f34cc],
    PUP.Optional.NewTab.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx, Quarantined, [a519cfcb9cdf3006ed8b2ea4c73ba060],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\phatk121016.cl, Quarantined, [5a642773a7d42b0b1e0bb634a55eee12],
    Trojan.BitcoinMiner, C:\Windows\Temp\phatk121016.cl, Quarantined, [536bb3e7d6a5a88eda4f9a50b152c43c],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\scrypt130511.cl, Quarantined, [d8e6792155260a2cbb6f5496649ffc04],
    Trojan.BitcoinMiner, C:\Windows\Temp\scrypt130511.cl, Quarantined, [e8d6247683f87eb852d8fcee3cc78878],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\diablo130302.cl, Quarantined, [87373763285395a1fe2d36b43ac98779],
    Trojan.BitcoinMiner, C:\Windows\Temp\diablo130302.cl, Quarantined, [b806dcbe75068aac74b7e30718eb11ef],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\poclbm130302.cl, Quarantined, [cef0aceefa8131059993cc1e719207f9],
    Trojan.BitcoinMiner, C:\Windows\Temp\poclbm130302.cl, Quarantined, [516d9a00750682b434f87c6efe0530d0],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\diakgcn121016.cl, Quarantined, [328c4e4cf2891b1b0d200dddae557789],
    Trojan.BitcoinMiner, C:\Windows\Temp\diakgcn121016.cl, Quarantined, [6e504a5090ebe155f439c72363a03fc1],
    PUP.Optional.DoSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\dosearches.xml, Quarantined, [249a5743adcea88e257649a625de34cc],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\QuickShare.exe, Delete-on-Reboot, [308e7f1b99e24beb54258f5b3ec514ec],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\BrowserHelper.exe.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ChromeHost.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\FiddlerCore.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\HtmlAgilityPack.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\lrcnt.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Lrcnta.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\lrrot.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\MACTrackBarLib.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.mshtml.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Common.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Logging.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.ObjectBuilder.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\NDde.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ProductsRemovalTool.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\QuickShare.exe.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\RegAsm.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sgml.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Communication.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Monetization.Proxy.ProxyService.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spbl.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sidb.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\siem.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sipb.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sismlp.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Common.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Communication.NamedPipe.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Monetization.Proxy.ProxyRemover.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInstallationIcon.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarShortcutIcon.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\smta.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\smtu.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spbe.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sppsm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spsm.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spusm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srau.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbhu.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbs.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbu.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sreu.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srgu.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srns.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srom.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srpdm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srprl.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srpu.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srsbs.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srsbsau.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srsl.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sruhs.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srus.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srut.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\System.Data.SQLite.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\bg.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\options.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\popup.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\redirect.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\alxbl.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\BackPageRemove.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\defaultBlockList.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\documentEvents.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\externalJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\FBImagePreview.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\filters.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\generalBackButtonDetection.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\InternalJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\jquery-1.9.0.min.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\PluginWrapper.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\publisherDefinitions.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\ta.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\tabReload.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\TopFrameJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\trans.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome.manifest, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\BackPageRemove.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\externalJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FBImagePreview.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\InternalJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\jquery-1.5.1.min.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\publisherDefinitions.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307f.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6eba.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8f.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cf.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580de.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7b.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\10.201.1.12915\user.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\11.24.60.15709\user.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\chromeid.txt, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\conduit.xml, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\CT3314199.txt, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\CT3314199.xpi, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\initData.json, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\manifest.json, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\setup.ini.txt, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\version.txt, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi\install.rdf, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi\defaults\preferences\defaults.js, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\background.html, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\background.js, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\data.json, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\icon128.png, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\jquery.js, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\manifest.json, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\xa.js, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\xagainit.js, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\bg.html, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\bg.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\manifest.json, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\options.htm, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\options.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\popup.html, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\popup.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\redirect.html, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\redirect.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\CSS\border.css, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\fb.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\fblike.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\gmail.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\google.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\googleplus.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\left.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\mgsplusvideo.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\PBQuickShare.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\pinit.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\right.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\searchBoxQs.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\twitter.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\BackPageRemove.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\defaultBlockList.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\documentEvents.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\externalJS.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\FBImagePreview.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\InternalJS.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\jquery-1.9.0.min.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\PluginWrapper.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\publisherDefinitions.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\tabReload.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\TopFrameJS.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\QuickShare.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\QuickShare128.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\QuickShare16.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\QuickShare48.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.Extutil.A, C:\Users\conno_000\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, Quarantined, [05b9f2a8b7c476c0c37f2c8345bd0df3],
    PUP.Optional.Extutil.A, C:\Users\conno_000\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, Quarantined, [05b9f2a8b7c476c0c37f2c8345bd0df3],
    PUP.Optional.Extutil.A, C:\Users\conno_000\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, Quarantined, [05b9f2a8b7c476c0c37f2c8345bd0df3],
    PUP.Optional.Managera.A, C:\Users\conno_000\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, Quarantined, [f0ce2f6bde9df1454300199633cf57a9],
    PUP.Optional.Managera.A, C:\Users\conno_000\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, Quarantined, [f0ce2f6bde9df1454300199633cf57a9],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://proxy.allsearchapp.com/app/start/", "http://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=7098c80700000000000084a6c8ec019a", "http://search.conduit.com/?ctid=CT3314199&SearchSource=48&CUI=UN28464332818567807&UM=2", "http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301" ],), Replaced,[4f6f138795e680b621ecb907966e4fb1]
    PUP.Optional.HelperBar.A, C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://feed.helperbar.com/?p=mKO_Aw...5kMt2r-hbdNkI7-_Ma2WANhl9oZlNajrKIeWsCX06uxNU,");), Replaced,[d8e69208146763d37f8a1ba453b14eb2]
    PUP.Optional.HelperBar.A, C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://feed.helperbar.com/?p=mKO_Aw...mc__l3SCI5cmSRP4X93mhzZ_ZGzcTd-GGlJdcndss,&q=");), Replaced,[2995f6a4760526107991734cd72df20e]
    PUP.Optional.HelperBar.A, C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://feed.helperbar.com/?p=mKO_Aw...ABb3_LJSr6CSLC0Vyfdhtur_36d74x8oM4KW_Wpb2f5ok,");), Replaced,[dfdfa1f93a416ccaf38c843bdc28da26]

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    FRST:

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
    Ran by conno_000 (administrator) on CONNORSPC on 02-07-2014 15:19:40
    Running from C:\Users\conno_000\Downloads
    Platform: Windows 8 (X64) OS Language: English (United States)
    Internet Explorer Version 10
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
    (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Spotify Ltd) C:\Users\conno_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    () C:\Windows\Temp\svchost.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-19] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-06] (IDT, Inc.)
    HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4391072 2012-11-09] (Dell Inc.)
    HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
    HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
    HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
    HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-21] (Power Software Ltd)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-05-31] (Razer Inc.)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1306360 2013-12-17] (Bogdan Sharkov)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [uTorrent] => C:\Users\conno_000\AppData\Roaming\uTorrent\uTorrent.exe [1268560 2014-05-13] (BitTorrent Inc.)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [Spotify Web Helper] => C:\Users\conno_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-28] (Spotify Ltd)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: E - "E:\setup.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {ad6129df-df55-11e2-be66-806e6f6e6963} - "D:\Special_Offers_from_SPHE_PC.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {d902d522-22e1-11e3-bedb-84a6c8ec019d} - "F:\Autorun.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {d902d561-22e1-11e3-bedb-84a6c8ec019d} - "F:\Autorun.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {ef3ac475-fbcb-11e2-be86-84a6c8ec019d} - "F:\VZW_Software_upgrade_assistant.exe"
    Startup: C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.6.lnk
    ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
    ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

    ==================== Internet (Whitelisted) ====================

    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301
    SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}
    SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}
    BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
    Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default
    FF DefaultSearchEngine: Web Search
    FF SelectedSearchEngine: Web Search
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
    FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
    FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Extension: No Name - C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\Extensions\staged [2014-05-15]
    FF Extension: No Name - C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\Extensions\{e7c9ce97-1bd5-e57f-4ac0-e4bbbb79bc73} [2014-05-15]

    Chrome:
    =======
    CHR HomePage: hxxp://awesomegifs.com/
    CHR StartupUrls: "hxxp://proxy.allsearchapp.com/app/start/", "hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=7098c80700000000000084a6c8ec019a", "hxxp://search.conduit.com/?ctid=CT3314199&SearchSource=48&CUI=UN28464332818567807&UM=2", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=hp&from=smt&uid=TOSHIBAXMQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301"
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
    CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    CHR Extension: (Google Docs) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-09]
    CHR Extension: (Google Drive) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-09]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
    CHR Extension: (YouTube) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-09]
    CHR Extension: (Google Search) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-09]
    CHR Extension: (UNO HD) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbiocfeggkcomnebamodmbngedojipdp [2014-06-23]
    CHR Extension: (Google Wallet) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
    CHR Extension: (Draw My Thing) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\odpjeimbfolekeldhfddmbemmpiffkch [2014-06-23]
    CHR Extension: (Enhanced Steam) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2014-06-25]
    CHR Extension: (Gmail) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-09]

    ==================== Services (Whitelisted) =================

    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
    S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [89944 2013-12-31] (EasyAntiCheat Ltd)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
    S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-24] ()
    R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
    R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
    R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

    ==================== Drivers (Whitelisted) ====================

    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
    R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
    R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
    S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23312 2013-01-22] (Dell Computer Corporation)
    S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2013-01-22] (Dell Computer Corporation)
    R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
    R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
    R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
    R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-25] (Microsoft Corporation)
    S3 Delldiag; \??\C:\__de11ctstestfolder20120wdcsa__\WBT\WBT_W64\DDDriver.sys [X]
    S3 ESEADriver2; \??\C:\Users\CONNO_~1\AppData\Local\Temp\ESEADriver2.sys [X]
    S1 lmimirr; \SystemRoot\system32\DRIVERS\lmimirr.sys [X]
    S3 TDKLIB; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-07-02 15:19 - 2014-07-02 15:20 - 00022755 _____ () C:\Users\conno_000\Downloads\FRST.txt
    2014-07-02 15:19 - 2014-07-02 15:19 - 00000000 ____D () C:\FRST
    2014-07-02 15:18 - 2014-07-02 15:19 - 02083840 _____ (Farbar) C:\Users\conno_000\Downloads\FRST64.exe
    2014-07-02 14:29 - 2014-07-02 15:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-07-02 14:29 - 2014-07-02 14:29 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-07-02 14:29 - 2014-07-02 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-07-02 14:28 - 2014-07-02 14:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-02 14:28 - 2014-07-02 14:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\conno_000\Downloads\mbam-setup-2.0.2.1012.exe
    2014-07-02 14:28 - 2014-07-02 14:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-07-02 14:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-07-02 14:28 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-07-02 14:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-07-02 13:33 - 2014-07-02 13:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\conno_000\Downloads\spybot-2.4.exe
    2014-07-02 13:25 - 2014-07-02 13:25 - 01243655 _____ () C:\Users\conno_000\Downloads\ProcessExplorer.zip
    2014-07-01 20:43 - 2014-07-01 20:43 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Celavimus
    2014-07-01 20:41 - 2014-07-01 20:42 - 12795102 _____ (CEVO ) C:\Users\conno_000\Downloads\paladin-setup.exe
    2014-07-01 20:37 - 2014-07-01 20:43 - 00001203 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
    2014-07-01 20:37 - 2014-07-01 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
    2014-07-01 20:37 - 2014-07-01 20:37 - 00000000 ____D () C:\Program Files (x86)\CEVO
    2014-07-01 20:36 - 2014-07-01 20:37 - 13450491 _____ () C:\Users\conno_000\Downloads\CEVO CSGO Client Installer.zip
    2014-06-30 20:43 - 2014-06-30 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000944 _____ () C:\Users\conno_000\Desktop\ESEA Client.lnk
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000000 ____D () C:\Program Files\ESEA
    2014-06-29 22:48 - 2014-06-29 22:48 - 15424103 _____ () C:\Users\conno_000\Downloads\ESEAClientInstall.exe
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001830 _____ () C:\Users\conno_000\Desktop\Spotify.lnk
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001816 _____ () C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2014-06-28 23:58 - 2014-06-28 23:58 - 00126112 _____ (Spotify Ltd) C:\Users\conno_000\Downloads\SpotifySetup.exe
    2014-06-28 22:56 - 2014-06-28 22:58 - 00002669 _____ () C:\Users\conno_000\Desktop\FIFA 14.lnk
    2014-06-28 20:49 - 2014-07-02 14:14 - 00000000 ____D () C:\Users\conno_000\Documents\FIFA 14
    2014-06-28 20:46 - 2014-06-28 20:47 - 37180346 ____R () C:\Users\conno_000\Downloads\FIFA14.v1.2.0.0.Final.Crack.Only.v2.rar
    2014-06-28 20:44 - 2014-06-28 20:44 - 00011904 _____ () C:\Users\conno_000\Downloads\[kickass.to]fifa14.crack.v5.final.skidrow.torrent
    2014-06-28 19:19 - 2014-06-28 19:19 - 00003136 _____ () C:\Windows\System32\Tasks\Origin
    2014-06-28 19:09 - 2014-06-28 19:19 - 00000000 ____D () C:\Program Files (x86)\FIFA 14 Ultimate Edition
    2014-06-28 15:46 - 2014-06-28 19:05 - 00000000 ____D () C:\Users\conno_000\Desktop\Games
    2014-06-28 15:31 - 2014-06-28 15:31 - 00000000 ____D () C:\Users\conno_000\Downloads\FIFA 14 Ultimate Edition - FULL - MULTI 14 - SKIDROW
    2014-06-28 15:29 - 2014-06-28 15:29 - 00033747 _____ () C:\Users\conno_000\Downloads\[kickass.to]fifa.14.ultimate.edition.full.multi.14.skidrow.torrent
    2014-06-26 19:21 - 2014-06-26 19:21 - 00000017 _____ () C:\Users\conno_000\AppData\Local\resmon.resmoncfg
    2014-06-24 20:14 - 2014-06-30 20:40 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Spotify
    2014-06-24 20:14 - 2014-06-30 20:35 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Spotify
    2014-06-23 23:02 - 2014-06-23 23:02 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
    2014-06-19 16:20 - 2014-06-19 16:20 - 00000870 _____ () C:\Users\conno_000\Downloads\ACCOUNTS.ZIP
    2014-06-19 15:59 - 2014-07-02 14:59 - 00000000 ____D () C:\Users\joann_000.CONNORSPC
    2014-06-19 15:59 - 2014-06-28 15:43 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
    2014-06-10 17:21 - 2014-06-10 17:21 - 00000000 ____D () C:\Program Files\CEVO
    2014-06-08 23:17 - 2014-03-05 07:46 - 00765824 _____ (Razer USA Ltd) C:\Windows\SysWOW64\RzMwApi.dll
    2014-06-08 23:00 - 2014-06-08 23:01 - 55801856 _____ (Razer Inc.) C:\Users\conno_000\Downloads\Razer_Synapse_Framework_V1.18.13.exe
    2014-06-06 23:54 - 2014-06-06 23:54 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard
    2014-06-06 23:45 - 2014-06-28 17:46 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
    2014-06-06 23:45 - 2014-06-06 23:45 - 00001189 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
    2014-06-06 23:45 - 2014-06-06 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
    2014-06-06 23:41 - 2014-06-28 18:23 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Battle.net
    2014-06-06 23:41 - 2014-06-25 00:18 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Battle.net
    2014-06-06 23:41 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard Entertainment
    2014-06-06 23:40 - 2014-06-28 18:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
    2014-06-06 23:38 - 2014-06-06 23:38 - 03099552 _____ (Blizzard Entertainment) C:\Users\conno_000\Downloads\Hearthstone-Setup-enUS.exe
    2014-06-06 23:38 - 2014-06-06 23:38 - 00000000 ____D () C:\ProgramData\Battle.net

    ==================== One Month Modified Files and Folders =======

    2014-07-02 15:20 - 2014-07-02 15:19 - 00022755 _____ () C:\Users\conno_000\Downloads\FRST.txt
    2014-07-02 15:19 - 2014-07-02 15:19 - 00000000 ____D () C:\FRST
    2014-07-02 15:19 - 2014-07-02 15:18 - 02083840 _____ (Farbar) C:\Users\conno_000\Downloads\FRST64.exe
    2014-07-02 15:16 - 2014-01-09 18:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-07-02 15:07 - 2014-07-02 14:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-07-02 15:07 - 2012-07-26 03:28 - 00005598 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-07-02 15:05 - 2013-07-19 19:12 - 00000000 ____D () C:\Users\conno_000\AppData\Local\LogMeIn Hamachi
    2014-07-02 15:05 - 2013-07-09 17:10 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-07-02 15:04 - 2013-07-09 17:02 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-07-02 15:01 - 2014-01-27 13:53 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
    2014-07-02 15:01 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-07-02 15:00 - 2013-07-09 16:58 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Adobe
    2014-07-02 15:00 - 2013-06-27 14:16 - 00146382 _____ () C:\Windows\PFRO.log
    2014-07-02 15:00 - 2012-07-26 04:12 - 00000000 __RSD () C:\Windows\Media
    2014-07-02 15:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
    2014-07-02 15:00 - 2012-07-26 01:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
    2014-07-02 14:59 - 2014-06-19 15:59 - 00000000 ____D () C:\Users\joann_000.CONNORSPC
    2014-07-02 14:59 - 2013-09-22 14:22 - 00000000 ____D () C:\ProgramData\Conduit
    2014-07-02 14:59 - 2013-07-09 16:41 - 00000000 ____D () C:\Users\joann_000
    2014-07-02 14:44 - 2013-07-09 17:02 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-07-02 14:29 - 2014-07-02 14:29 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-07-02 14:29 - 2014-07-02 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-07-02 14:29 - 2014-07-02 14:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-02 14:28 - 2014-07-02 14:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\conno_000\Downloads\mbam-setup-2.0.2.1012.exe
    2014-07-02 14:28 - 2014-07-02 14:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-07-02 14:14 - 2014-06-28 20:49 - 00000000 ____D () C:\Users\conno_000\Documents\FIFA 14
    2014-07-02 13:43 - 2014-07-02 13:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\conno_000\Downloads\spybot-2.4.exe
    2014-07-02 13:25 - 2014-07-02 13:25 - 01243655 _____ () C:\Users\conno_000\Downloads\ProcessExplorer.zip
    2014-07-02 12:21 - 2013-10-20 19:12 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Adobe
    2014-07-01 22:56 - 2013-10-28 20:59 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\TS3Client
    2014-07-01 20:43 - 2014-07-01 20:43 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Celavimus
    2014-07-01 20:43 - 2014-07-01 20:37 - 00001203 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
    2014-07-01 20:43 - 2014-07-01 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
    2014-07-01 20:42 - 2014-07-01 20:41 - 12795102 _____ (CEVO ) C:\Users\conno_000\Downloads\paladin-setup.exe
    2014-07-01 20:37 - 2014-07-01 20:37 - 00000000 ____D () C:\Program Files (x86)\CEVO
    2014-07-01 20:37 - 2014-07-01 20:36 - 13450491 _____ () C:\Users\conno_000\Downloads\CEVO CSGO Client Installer.zip
    2014-07-01 14:40 - 2013-10-21 21:29 - 00000000 ____D () C:\Users\conno_000\AppData\Local\CrashDumps
    2014-06-30 20:43 - 2014-06-30 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    2014-06-30 20:43 - 2014-01-02 21:57 - 00000928 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
    2014-06-30 20:43 - 2013-07-19 19:12 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
    2014-06-30 20:41 - 2013-12-14 12:47 - 04955952 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-06-30 20:40 - 2014-06-24 20:14 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Spotify
    2014-06-30 20:35 - 2014-06-24 20:14 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Spotify
    2014-06-30 12:30 - 2013-06-27 14:20 - 01716340 _____ () C:\Windows\WindowsUpdate.log
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000944 _____ () C:\Users\conno_000\Desktop\ESEA Client.lnk
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000000 ____D () C:\Program Files\ESEA
    2014-06-29 22:48 - 2014-06-29 22:48 - 15424103 _____ () C:\Users\conno_000\Downloads\ESEAClientInstall.exe
    2014-06-29 19:46 - 2013-07-20 15:43 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\uTorrent
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001830 _____ () C:\Users\conno_000\Desktop\Spotify.lnk
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001816 _____ () C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2014-06-28 23:58 - 2014-06-28 23:58 - 00126112 _____ (Spotify Ltd) C:\Users\conno_000\Downloads\SpotifySetup.exe
    2014-06-28 22:58 - 2014-06-28 22:56 - 00002669 _____ () C:\Users\conno_000\Desktop\FIFA 14.lnk
    2014-06-28 21:35 - 2013-06-27 14:47 - 00189274 _____ () C:\Windows\DPINST.LOG
    2014-06-28 21:34 - 2013-12-20 13:46 - 00000000 ____D () C:\Program Files (x86)\Razer
    2014-06-28 21:33 - 2013-12-20 13:47 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Razer
    2014-06-28 21:31 - 2013-12-20 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
    2014-06-28 20:58 - 2013-09-04 22:04 - 00000000 ____D () C:\ProgramData\Origin
    2014-06-28 20:58 - 2013-09-04 22:04 - 00000000 ____D () C:\Program Files (x86)\Origin
    2014-06-28 20:47 - 2014-06-28 20:46 - 37180346 ____R () C:\Users\conno_000\Downloads\FIFA14.v1.2.0.0.Final.Crack.Only.v2.rar
    2014-06-28 20:44 - 2014-06-28 20:44 - 00011904 _____ () C:\Users\conno_000\Downloads\[kickass.to]fifa14.crack.v5.final.skidrow.torrent
    2014-06-28 19:48 - 2013-07-09 17:04 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2100282219-3180197948-4272881602-1005
    2014-06-28 19:19 - 2014-06-28 19:19 - 00003136 _____ () C:\Windows\System32\Tasks\Origin
    2014-06-28 19:19 - 2014-06-28 19:09 - 00000000 ____D () C:\Program Files (x86)\FIFA 14 Ultimate Edition
    2014-06-28 19:19 - 2013-09-04 22:05 - 00000000 ___HD () C:\Users\conno_000\AppData\Roaming\Origin
    2014-06-28 19:05 - 2014-06-28 15:46 - 00000000 ____D () C:\Users\conno_000\Desktop\Games
    2014-06-28 18:43 - 2014-04-16 20:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15
    2014-06-28 18:39 - 2013-07-09 17:02 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-06-28 18:39 - 2013-07-09 17:02 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-06-28 18:31 - 2013-07-09 16:58 - 00000000 ____D () C:\Users\conno_000
    2014-06-28 18:28 - 2014-03-10 15:10 - 00000000 ____D () C:\Users\conno_000\AppData\Local\LPT
    2014-06-28 18:25 - 2014-05-08 20:09 - 00000000 ____D () C:\Users\conno_000\Downloads\The.Amazing.Spider-Man.2.Proper-RELOADED
    2014-06-28 18:25 - 2014-04-28 12:14 - 00000000 ____D () C:\Users\conno_000\Downloads\Trials Fusion_RePack by SEYTER
    2014-06-28 18:25 - 2014-03-21 20:21 - 00000000 ____D () C:\Users\conno_000\Downloads\The Amazing Spiderman (2012) [1080p]
    2014-06-28 18:25 - 2014-03-13 13:45 - 00000000 ____D () C:\Users\conno_000\Downloads\Batman The Dark Knight (2008) [1080p]
    2014-06-28 18:25 - 2014-03-09 22:59 - 00000000 ____D () C:\Users\conno_000\Downloads\Corel Draw X5 with Keygen
    2014-06-28 18:25 - 2013-10-18 22:30 - 00000000 ____D () C:\Users\conno_000\Downloads\rzr-skrm
    2014-06-28 18:25 - 2013-10-14 21:55 - 00000000 ____D () C:\Users\conno_000\Downloads\orbx
    2014-06-28 18:25 - 2013-10-09 18:00 - 00000000 ____D () C:\Users\conno_000\Downloads\Microsoft Flight Simulator X deluxe
    2014-06-28 18:25 - 2013-10-05 11:07 - 00000000 ____D () C:\Users\conno_000\Downloads\Far.Cry.3.Update.v1.04-RELOADED
    2014-06-28 18:25 - 2013-10-05 10:32 - 00000000 ____D () C:\Users\conno_000\Downloads\Far Cry 3 Proper DLC Unlocker-smashly
    2014-06-28 18:25 - 2013-09-26 18:58 - 00000000 ____D () C:\Users\conno_000\Documents\FIFA 13
    2014-06-28 18:25 - 2013-09-09 22:44 - 00000000 ____D () C:\Users\conno_000\Downloads\Borderlands 2 cumulative update 1.6.0 + DLC ^^nosTEAM^^
    2014-06-28 18:25 - 2013-08-14 16:22 - 00000000 ____D () C:\Users\conno_000\Downloads\Skyfall.2012.DVDRip.XviD-SPARKS
    2014-06-28 18:25 - 2013-08-14 14:59 - 00000000 ____D () C:\Users\conno_000\Downloads\Far.Cry.3-RELOADED
    2014-06-28 18:25 - 2013-07-20 15:49 - 00000000 ____D () C:\Users\conno_000\Downloads\NBA 2K13 PC full game ^^nosTEAM^^
    2014-06-28 18:23 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Battle.net
    2014-06-28 18:23 - 2013-09-24 17:16 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\DVDVideoSoft
    2014-06-28 18:22 - 2013-10-26 15:53 - 00000000 ____D () C:\ProgramData\PMB Files
    2014-06-28 18:22 - 2013-08-28 01:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder
    2014-06-28 18:22 - 2013-07-09 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-06-28 18:21 - 2013-09-24 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
    2014-06-28 18:15 - 2013-09-24 17:16 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
    2014-06-28 18:15 - 2013-08-28 01:48 - 00000000 ____D () C:\Program Files (x86)\Free Sound Recorder
    2014-06-28 18:14 - 2014-06-06 23:40 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-06-28 18:01 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\registration
    2014-06-28 17:59 - 2014-02-18 16:37 - 00000000 ____D () C:\Users\conno_000\Downloads\OptiFine_1.6.4_HD_C9
    2014-06-28 17:51 - 2013-12-20 13:46 - 00000000 ____D () C:\ProgramData\Razer
    2014-06-28 17:46 - 2014-06-06 23:45 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
    2014-06-28 17:46 - 2013-10-26 15:53 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
    2014-06-28 17:45 - 2014-05-21 12:56 - 00000000 __RHD () C:\MSOCache
    2014-06-28 17:45 - 2013-10-19 14:52 - 00000000 ____D () C:\Games
    2014-06-28 15:43 - 2014-06-19 15:59 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
    2014-06-28 15:31 - 2014-06-28 15:31 - 00000000 ____D () C:\Users\conno_000\Downloads\FIFA 14 Ultimate Edition - FULL - MULTI 14 - SKIDROW
    2014-06-28 15:29 - 2014-06-28 15:29 - 00033747 _____ () C:\Users\conno_000\Downloads\[kickass.to]fifa.14.ultimate.edition.full.multi.14.skidrow.torrent
    2014-06-26 19:21 - 2014-06-26 19:21 - 00000017 _____ () C:\Users\conno_000\AppData\Local\resmon.resmoncfg
    2014-06-26 11:16 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
    2014-06-26 00:05 - 2013-07-20 15:52 - 00579584 ___SH () C:\Users\conno_000\Desktop\Thumbs.db
    2014-06-25 00:18 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Battle.net
    2014-06-23 23:02 - 2014-06-23 23:02 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
    2014-06-22 23:33 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
    2014-06-22 23:33 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
    2014-06-21 18:14 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\LiveKernelReports
    2014-06-19 16:20 - 2014-06-19 16:20 - 00000870 _____ () C:\Users\conno_000\Downloads\ACCOUNTS.ZIP
    2014-06-10 17:21 - 2014-06-10 17:21 - 00000000 ____D () C:\Program Files\CEVO
    2014-06-08 23:01 - 2014-06-08 23:00 - 55801856 _____ (Razer Inc.) C:\Users\conno_000\Downloads\Razer_Synapse_Framework_V1.18.13.exe
    2014-06-06 23:54 - 2014-06-06 23:54 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard
    2014-06-06 23:45 - 2014-06-06 23:45 - 00001189 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
    2014-06-06 23:45 - 2014-06-06 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
    2014-06-06 23:41 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard Entertainment
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
    2014-06-06 23:38 - 2014-06-06 23:38 - 03099552 _____ (Blizzard Entertainment) C:\Users\conno_000\Downloads\Hearthstone-Setup-enUS.exe
    2014-06-06 23:38 - 2014-06-06 23:38 - 00000000 ____D () C:\ProgramData\Battle.net
    2014-06-02 21:04 - 2013-07-09 21:00 - 00319464 _____ () C:\Windows\DirectX.log

    Files to move or delete:
    ====================
    C:\Users\conno_000\AppData\Roaming\CamLayout.ini
    C:\Users\conno_000\AppData\Roaming\CamShapes.ini
    C:\Users\conno_000\AppData\Roaming\CamStudio.Producer.Data.ini
    C:\Users\conno_000\AppData\Roaming\Origin\update.vbe


    Some content of TEMP:
    ====================
    C:\Users\conno_000\AppData\Local\Temp\DDDInstallManager.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer.exe
    C:\Users\conno_000\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-11-g81cb6e3-b2852jnks.dll
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-jenkins-CraftBukkit-173.dll
    C:\Users\conno_000\AppData\Local\Temp\libcurl.dll
    C:\Users\conno_000\AppData\Local\Temp\libeay32.dll
    C:\Users\conno_000\AppData\Local\Temp\libidn-11.dll
    C:\Users\conno_000\AppData\Local\Temp\librtmp.dll
    C:\Users\conno_000\AppData\Local\Temp\libssh2.dll
    C:\Users\conno_000\AppData\Local\Temp\libusb-1.0.dll
    C:\Users\conno_000\AppData\Local\Temp\LiveUpdater.exe
    C:\Users\conno_000\AppData\Local\Temp\mpa03712.exe
    C:\Users\conno_000\AppData\Local\Temp\nsz3687.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\safeguard.exe
    C:\Users\conno_000\AppData\Local\Temp\Setup-Wacom.exe
    C:\Users\conno_000\AppData\Local\Temp\sonarinst.exe
    C:\Users\conno_000\AppData\Local\Temp\ssleay32.dll
    C:\Users\conno_000\AppData\Local\Temp\swt-win32-3349.dll
    C:\Users\conno_000\AppData\Local\Temp\tbSwee.dll
    C:\Users\conno_000\AppData\Local\Temp\u59kb_lc.dll
    C:\Users\conno_000\AppData\Local\Temp\ubi43D9.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\ubiA19.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\ubiE28E.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\update.exe
    C:\Users\conno_000\AppData\Local\Temp\xmlUpdater.exe
    C:\Users\conno_000\AppData\Local\Temp\zlib1.dll


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-06-29 12:30

    ==================== End Of Log ============================

    Additional:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
    Ran by conno_000 at 2014-07-02 15:21:27
    Running from C:\Users\conno_000\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    "Thief" (HKLM-x32\...\{7CEA3557-5E36-49EE-9CBF-504EEA99E0DE}_is1) (Version: 1.0.4107.3 (Update 1) - )
    µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
    7 Days to Die - Alpha version 0.9.1 (HKLM-x32\...\{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1) (Version: 0.9.1 - The Fun Pimps LLC)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
    Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    altPUG (HKLM-x32\...\{4FC41018-ABBF-47A0-B917-2DA88C04DA7D}) (Version: 1.2 - altPUG LLC)
    APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
    Arma 2 (HKLM-x32\...\Steam App 33900) (Version: - Bohemia Interactive)
    Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
    Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
    Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
    Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
    Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
    AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version: - Online Media Technologies Ltd.)
    AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
    AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: - Online Media Technologies Ltd.)
    AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.)
    AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
    Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
    BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
    Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: - )
    Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION
    Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
    Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
    Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
    Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)
    Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
    CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
    CEVO Paladin (0.5.0.0) (HKLM\...\cmn_cevo_is1) (Version: 0.5.0.0 - CEVO)
    Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
    Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
    Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.214 - ALPS ELECTRIC CO., LTD.)
    EPSON Artisan 837 Series Printer Uninstall (HKLM\...\EPSON Artisan 837 Series) (Version: - SEIKO EPSON Corporation)
    ESEA Client (HKCU\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
    ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
    Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
    FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.1.0.0 - Electronic Arts)
    FileZilla Client 3.7.1.1 (HKCU\...\FileZilla Client) (Version: 3.7.1.1 - Tim Kosse)
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
    Free Audio Converter version 5.0.28.827 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.28.827 - DVDVideoSoft Ltd.)
    Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2013 FreeSoundRecorder Technologies, Inc.)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
    GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
    Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
    Goat Simulator Development Kit (HKLM-x32\...\Steam App 285710) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
    Intel(R) Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
    Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
    Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
    Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
    Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Leetway Client (HKLM-x32\...\{667124BE-B9E1-4E5A-A0F5-4313C6A8A5C2}) (Version: 1 - Leetway Inc.)
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
    LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version: - Warner Bros. Games)
    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
    LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
    Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - )
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.61355.0 - Microsoft Game Studios)
    Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
    Microsoft Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6) (Version: 10.0.61355.0 - Microsoft Game Studios)
    Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4623.1003 - Microsoft Corporation)
    Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
    Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
    MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
    MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    NASCAR The Game 2013 (HKLM-x32\...\NASCAR The Game 2013_is1) (Version: - )
    NBA 2K13 (HKLM-x32\...\Steam App 219600) (Version: - Visual Concepts)
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.45.6 - Black Tree Gaming)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.2 - Notepad++ Team)
    NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
    NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
    NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
    NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
    Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
    Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
    PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.3.6 - PowerUp Software)
    PlayUp Tools (HKLM-x32\...\PlayUp Tools) (Version: 0.9.9.2 - PlayUp)
    PowerISO (HKLM-x32\...\PowerISO) (Version: 5.7 - Power Software Ltd)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.37 - Dell Inc.)
    QuickShare (HKLM-x32\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
    Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
    Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.13 - Razer Inc.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
    REX Essential Plus Overdrive (HKLM-x32\...\{9F30A684-44DC-4BDF-89ED-70F9021B851F}) (Version: 3.5.2012.1029 - REX Game Studios)
    Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
    Scribblenauts Unlimited (HKLM-x32\...\Scribblenauts Unlimited_is1) (Version: - )
    Scribblenauts Unmasked A DC Comics Adventure (HKLM-x32\...\Scribblenauts Unmasked A DC Comics Adventure_is1) (Version: - )
    Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
    Setup - FIFA 14 Ultimate Edition ... (HKLM-x32\...\Setup - FIFA 14 Ultimate Edition ...) (Version: ... - Electronic Arts)
    SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
    Sid Meier's Civilization V Brave New World (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uVg==_is1) (Version: 1 - )
    SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
    Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
    South Park The Stick of Truth, âåðñèÿ 1.0 (HKLM-x32\...\South Park The Stick of Truth_is1) (Version: 1.0 - =×óâàê=)
    Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)
    Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
    The Amazing Spider-Man 2 (HKLM-x32\...\VGhlQW1hemluZ1NwaWRlck1hbjI=_is1) (Version: 1 - )
    Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
    Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
    Trials Fusion, âåðñèÿ 1.0.0.0 (HKLM-x32\...\Trials Fusion_is1) (Version: 1.0.0.0 - RePack by SEYTER)
    Uplay (HKLM-x32\...\Uplay) (Version: 3.2 - Ubisoft)
    Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
    VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
    Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
    War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
    WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
    WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
    Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)
    XnView 2.05 (HKLM-x32\...\XnView_is1) (Version: 2.05 - Gougelet Pierre-e)

    ==================== Restore Points =========================

    28-06-2014 20:25:01 cleaning viruses
    28-06-2014 21:37:46 Restore Operation

    ==================== Hosts content: ==========================

    2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {0626CA07-403A-4127-A073-8FE596E3F069} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
    Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
    Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
    Task: {370DF13C-227A-4E8A-9498-C80DA3632324} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.)
    Task: {3870269C-A753-41CE-9470-A3543CA5ED69} - System32\Tasks\Origin => C:\Users\conno_000\AppData\Roaming\Origin\update.vbe [2014-06-28] () <==== ATTENTION
    Task: {65E7E9E0-C2DA-4DAF-A44A-976609790CEF} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
    Task: {7E5F1297-E3C2-482E-AFBA-EB37D63B5311} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.)
    Task: {8C258852-C5BA-4030-9F3A-6EE52273E3D6} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-connormer@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: {974EEE2D-FB52-4D85-8945-FC1F548F1088} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
    Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
    Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
    Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-10-01 16:56 - 2014-03-04 10:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2013-06-27 14:26 - 2014-03-04 09:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-04-16 20:11 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2014-04-16 20:11 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
    2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    2013-07-09 21:04 - 2013-11-24 09:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2014-03-09 15:45 - 2013-12-04 12:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
    2013-06-26 22:33 - 2013-04-02 16:42 - 00176024 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
    2013-06-26 22:36 - 2012-10-26 14:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-07-02 15:05 - 2014-07-02 15:05 - 00645646 _____ () C:\Windows\Temp\svchost.exe
    2014-06-28 18:42 - 2014-06-28 18:42 - 08890536 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2014-04-05 18:59 - 2014-04-05 18:59 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\4f91b7d6b3821366470574294553d6ce\PSIClient.ni.dll
    2013-06-27 14:46 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2014-05-26 16:23 - 2014-04-29 20:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
    2014-05-26 16:23 - 2014-04-29 20:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
    2014-05-15 16:35 - 2014-04-29 20:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
    2014-05-15 16:35 - 2014-04-29 20:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
    2014-05-15 16:35 - 2014-05-16 21:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2014-05-26 16:23 - 2014-05-29 13:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
    2014-05-26 16:23 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
    2014-05-15 16:35 - 2014-05-29 13:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2014-05-15 16:35 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
    2014-05-15 16:35 - 2013-06-14 19:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
    2014-05-15 16:35 - 2013-06-14 19:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
    2014-05-15 16:35 - 2013-06-14 19:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
    2013-10-01 16:56 - 2014-03-04 10:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-06-29 11:25 - 2014-07-02 15:05 - 00279955 _____ () C:\Windows\Temp\libidn-11.dll
    2014-06-29 11:25 - 2014-07-02 15:05 - 00084992 _____ () C:\Windows\Temp\zlib1.dll
    2013-06-27 16:12 - 2013-06-27 16:12 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
    2013-07-07 15:14 - 2013-07-07 15:14 - 01589248 _____ () C:\Program Files (x86)\Notepad++\plugins\DSpellCheck.dll
    2011-07-18 17:07 - 2011-07-18 17:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
    2011-09-21 16:46 - 2011-09-21 16:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

    ==================== Safe Mode (whitelisted) ===================

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) =============


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    HKLM\...\StartupApproved\Run32: => "Razer Synapse"
    HKCU\...\StartupApproved\StartupFolder: => "Intel(R) Turbo Boost Technology Monitor 2.6.lnk"
    HKCU\...\StartupApproved\Run: => "uTorrent"
    HKCU\...\StartupApproved\Run: => "Clownfish"

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/02/2014 03:08:12 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost (6032) {7118142E-3FA1-4473-980D-8B368114A659}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/02/2014 03:08:12 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: SettingSyncHost (6032) {7118142E-3FA1-4473-980D-8B368114A659}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

    Error: (07/02/2014 03:07:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (07/02/2014 03:07:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (07/02/2014 03:05:45 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost (4256) {1C7FADDF-B973-4F3D-921A-DCC97C92C698}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/02/2014 03:05:44 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost (4256) {1C7FADDF-B973-4F3D-921A-DCC97C92C698}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

    Error: (07/02/2014 03:00:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (07/02/2014 02:00:42 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost (5884) {22C1E02E-C089-45AC-BC7A-65C6D01B351E}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/02/2014 02:00:42 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost (5884) {22C1E02E-C089-45AC-BC7A-65C6D01B351E}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

    Error: (07/02/2014 02:00:24 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost (4084) {2BCB7BAF-07FD-4A5D-B9DD-C96EC1CD64C9}: Database recovery/restore failed with unexpected error -1216.


    System errors:
    =============
    Error: (07/02/2014 03:01:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/30/2014 08:43:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (06/30/2014 08:42:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/30/2014 08:41:34 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 12:22:57 PM on ‎6/‎30/‎2014 was unexpected.

    Error: (06/29/2014 04:22:15 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable


    Microsoft Office Sessions:
    =========================
    Error: (07/02/2014 03:08:12 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost6032{7118142E-3FA1-4473-980D-8B368114A659}: -1216

    Error: (07/02/2014 03:08:12 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: SettingSyncHost6032{7118142E-3FA1-4473-980D-8B368114A659}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb

    Error: (07/02/2014 03:07:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: WmiApRplWmiApRpl8F2030000E5050000

    Error: (07/02/2014 03:07:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance163707000000000000000000008F020000

    Error: (07/02/2014 03:05:45 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost4256{1C7FADDF-B973-4F3D-921A-DCC97C92C698}: -1216

    Error: (07/02/2014 03:05:44 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost4256{1C7FADDF-B973-4F3D-921A-DCC97C92C698}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb

    Error: (07/02/2014 03:00:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (07/02/2014 02:00:42 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost5884{22C1E02E-C089-45AC-BC7A-65C6D01B351E}: -1216

    Error: (07/02/2014 02:00:42 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost5884{22C1E02E-C089-45AC-BC7A-65C6D01B351E}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb

    Error: (07/02/2014 02:00:24 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost4084{2BCB7BAF-07FD-4A5D-B9DD-C96EC1CD64C9}: -1216


    ==================== Memory info ===========================

    Percentage of memory in use: 27%
    Total physical RAM: 8048.88 MB
    Available physical RAM: 5851.26 MB
    Total Pagefile: 9264.88 MB
    Available Pagefile: 7030.58 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.78 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:930.37 GB) (Free:134.73 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 932 GB) (Disk ID: B2CF82E0)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================

    AdwCleaner:

    # AdwCleaner v3.214 - Report created 02/07/2014 at 15:34:19
    # Updated 29/06/2014 by Xplode
    # Operating System : Windows 8 (64 bits)
    # Username : conno_000 - CONNORSPC
    # Running from : C:\Users\conno_000\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\SearchProtect
    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\Program Files (x86)\SearchProtect
    Folder Deleted : C:\Windows\SysWOW64\SearchProtect
    Folder Deleted : C:\Users\conno_000\AppData\Local\Bundled software uninstaller
    Folder Deleted : C:\Users\conno_000\AppData\Local\LPT
    Folder Deleted : C:\Users\CONNO_~1\AppData\Local\Temp\eIntaller
    Folder Deleted : C:\Users\CONNO_~1\AppData\Local\Temp\Smartbar
    Folder Deleted : C:\Users\conno_000\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\conno_000\AppData\LocalLow\Smartbar
    File Deleted : C:\END
    File Deleted : C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage

    ***** [ Shortcuts ] *****

    Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    Shortcut Disinfected : C:\Users\conno_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\conno_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    Shortcut Disinfected : C:\Users\conno_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
    Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3314199
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
    Key Deleted : HKCU\Software\BI
    Key Deleted : HKCU\Software\SmartBar
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKLM\Software\eSafeSecControl
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16537


    -\\ Mozilla Firefox v26.0 (en-US)

    [ File : C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\prefs.js ]

    Line Deleted : user_pref("CT3314199.FF19Solved", "true");
    Line Deleted : user_pref("CT3314199.UserID", "UN13689966631768927");
    Line Deleted : user_pref("CT3314199.fullUserID", "UN13689966631768927.IN.20130922142136");
    Line Deleted : user_pref("CT3314199.installDate", "22/09/2013 14:21:39");
    Line Deleted : user_pref("CT3314199.installSessionId", "{14A0F16D-952E-481A-A36D-2A1D07C4E2F0}");
    Line Deleted : user_pref("CT3314199.installSp", "TRUE");
    Line Deleted : user_pref("CT3314199.installerVersion", "1.6.1.2");
    Line Deleted : user_pref("CT3314199.keyword", "true");
    Line Deleted : user_pref("CT3314199.originalHomepage", "about:home");
    Line Deleted : user_pref("CT3314199.originalSearchAddressUrl", "");
    Line Deleted : user_pref("CT3314199.searchRevert", "false");
    Line Deleted : user_pref("CT3314199.searchUserMode", "2");
    Line Deleted : user_pref("CT3314199.smartbar.homepage", "true");
    Line Deleted : user_pref("CT3314199.versionFromInstaller", "10.20.0.13");
    Line Deleted : user_pref("CT3314199.xpeMode", "0");
    Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3314199&octid=CT3314199&SearchSource=61&CUI=UN13689966631768927&UM=2&UP=SPB8AC3BA2-62A0-4B9A-8EAC-90989B5969F6");
    Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
    Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
    Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
    Line Deleted : user_pref("extensions.helperbar.BackPageActive", true);
    Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
    Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
    Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
    Line Deleted : user_pref("extensions.helperbar.Visibility", false);
    Line Deleted : user_pref("extensions.helperbar.backPageCapacity", 3);
    Line Deleted : user_pref("extensions.helperbar.backPageCounter", 0);
    Line Deleted : user_pref("extensions.helperbar.backPageDay", 15);
    Line Deleted : user_pref("extensions.helperbar.backPageLastEvent", "1400010818188");
    Line Deleted : user_pref("extensions.helperbar.backPageMinInterval", 15);
    Line Deleted : user_pref("extensions.helperbar.barcodeid", "769");
    Line Deleted : user_pref("extensions.helperbar.countryiso", "us");
    Line Deleted : user_pref("extensions.helperbar.downloadprovider", "quickobrw");
    Line Deleted : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\"www.only-apartments.es\\\",\\\"www.only-apartments.de\\\",\\\"www.only-apar[...]
    Line Deleted : user_pref("extensions.helperbar.fromautoupdate", "false");
    Line Deleted : user_pref("extensions.helperbar.installationid", "e7c9ce97-1bd5-e57f-4ac0-e4bbbb79bc73");
    Line Deleted : user_pref("extensions.helperbar.installdate", "22/10/2013");
    Line Deleted : user_pref("extensions.helperbar.keepAliveLastevent", "1400183618");
    Line Deleted : user_pref("extensions.helperbar.lastExternalJsUpdate", "1400183626884");
    Line Deleted : user_pref("extensions.helperbar.publisher", "quickobrw");
    Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3314199");
    Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3314199&CUI=UN13689966631768927&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3314199&octid=CT3314199&SearchSource[...]
    Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3314199&SearchSource=2&CUI=UN13689966631768927&UM=2&q=");
    Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3314199");
    Line Deleted : user_pref("smartbar.machineId", "H2J/IQDLINKD1IIYV0TRWBAWTZ7A9HLPQTD6PBWSJR+9RHZKV5LMRUALDFAKI4BG4JVLFQFC+ZQEWBGXRQPEPA");
    Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3314199&CUI=UN13689966631768927&UM=2&SearchSource=13");

    -\\ Google Chrome v35.0.1916.153

    [ File : C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted [Startup_urls] : hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=7098c80700000000000084a6c8ec019a
    Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3314199&SearchSource=48&CUI=UN28464332818567807&UM=2
    Deleted [Startup_urls] : hxxp://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=hp&from=smt&uid=TOSHIBAXMQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301
    Deleted [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
    Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
    Deleted [Extension] : cekcjpgehmohobmdiikfnopibipmgnml
    Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
    Deleted [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo

    *************************

    AdwCleaner[R0].txt - [12343 octets] - [02/07/2014 15:31:51]
    AdwCleaner[S0].txt - [11085 octets] - [02/07/2014 15:34:19]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11146 octets] ##########
     
    Connor Merenda, Jul 2, 2014
    #4
  6. allheart55 (Cindy E)

    allheart55 (Cindy E) Administrator Administrator

    Joined:
    Jun 11, 2009
    Messages:
    10,616
    Location:
    Pennsylvania
    Operating System:
    Windows 10
    Computer Brand or Motherboard:
    ASUS M4A77TD AM3 AMD 770 ATX AMD
    CPU:
    AMD Phenom II X6 1090T-Thuban 3.2GHz
    Memory:
    Crucial-DDR3 SDRAM 1333-8GB
    Hard Drive:
    WD Caviar Black SE HDD 640 GB - WD Caviar Black SE HDD 500 GB
    Graphics Card:
    Sapphire Radeon HD-7870 2GB
    Power Supply:
    CORSAIR CMPSU-750W
    Hi Connor,

    It looks as if you need some malware removal assistance.
    I'll move your thread to the appropriate area and notify our experts.

    Someone will assist you shortly. Please be patient as our experts work on multiple forums.
     
    allheart55 (Cindy E), Jul 2, 2014
    #5
  7. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    Malwarebyte:
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 7/2/2014
    Scan Time: 2:30:38 PM
    Logfile:
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.02.06
    Rootkit Database: v2014.07.01.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8
    CPU: x64
    File System: NTFS
    User: conno_000

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 316431
    Time Elapsed: 20 min, 12 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 3
    Heuristics.Shuriken, C:\Users\conno_000\AppData\Roaming\Adobe\hkcmd.exe, 5664, Delete-on-Reboot, [ffffffffffffffffffffffffffffffff]
    Trojan.BitCoinMiner, C:\Windows\Temp\svchost.exe, 8528, Delete-on-Reboot, [3d817129364583b3de9447c7758c8080]
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\QuickShare.exe, 5748, Delete-on-Reboot, [308e7f1b99e24beb54258f5b3ec514ec]

    Modules: 30
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\MACTrackBarLib.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sgml.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spbl.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sidb.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\siem.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sipb.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\smta.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\smtu.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spbe.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sppsm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spusm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srau.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbs.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbu.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srns.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srom.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srpdm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srsbsau.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srut.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],

    Registry Keys: 14
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESmartBar.BHO, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.QuickShare.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, Quarantined, [9d219406a9d2e0561e422d56986a35cb],
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [318d1684b1ca2e085a2700f7996afb05],
    PUP.Optional.DoSearches.A, HKLM\SOFTWARE\WOW6432NODE\dosearchesSoftware, Quarantined, [1ba3980292e965d17d1f8669b152d32d],
    PUP.Optional.Ligtning.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cekcjpgehmohobmdiikfnopibipmgnml, Quarantined, [e1ddf5a512696ec8c51d904113efb848],
    PUP.Optional.Elex.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ifohbjbgfchkkfhphahclmkpgejiplfo, Quarantined, [fbc3168444373afc6837c12e49ba2cd4],
    PUP.Optional.SmartBar, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarBackup, Quarantined, [ead4c6d4e49795a161c9b0542fd53ac6],
    PUP.Optional.SmartBar, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, Quarantined, [e4da702a2c4fe94df9308b7941c3c53b],
    PUP.Optional.Softonic.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [536bd5c55f1cd3631d5d2e96ce34bf41],

    Registry Values: 4
    Heuristics.Shuriken, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Keyboard Inf., C:\Users\conno_000\AppData\Roaming\Adobe\hkcmd.exe, Quarantined, [ffffffffffffffffffffffffffffffff]
    PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll C:\Windows\system32\nvinitx.dll, Quarantined, [c2fca3f784f701356216848749bb11ef]
    PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\Windows\SysWOW64\nvinit.dll, Quarantined, [b509e1b9ef8cad89cfa98a8113f1916f]
    PUP.Optional.SmartBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Infrastructure Helper, C:\Users\conno_000\AppData\Local\Smartbar\Application\QuickShare.exe startup, Quarantined, [308e7f1b99e24beb54258f5b3ec514ec]

    Registry Data: 20
    PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\Windows\SysWOW64\nvinit.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll),Replaced,[803e1c7e4b301e1857ee1113649d33cd]
    PUP.Optional.Conduit.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll C:\Windows\system32\nvinitx.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll),Replaced,[9f1fa9f1403bfb3b202520040df43ec2]
    PUP.Optional.DoSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[5e60f5a5ee8d9f9741442769877df20e]
    PUP.Optional.DoSearches, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[bc0279213546f541295d137dde26ba46]
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[13ab1d7dfa8180b6774ac7c953b17b85]
    PUP.Optional.DoSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[4e703a60fa81bf77b9cc0c84966efa06]
    PUP.Optional.DoSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[5d617c1ea6d56ccab2d44e4283817888]
    PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[47773a600675fc3a11b00d83fc08e21e]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[15a99dfda0dbd660ffe2355141c3ab55]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[c3fb059580fb49edd5f567290202817f]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.helperbar.com/?p=mKO_Aw...ABb3_LJSr6CSLC0Vyfdhtur_36d74x8oM4KW_Wpb2f5ok,, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[0bb34c4e3447e2541bc7622449bb7b85]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.helperbar.com/?p=mKO_Aw...ABb3_LJSr6CSLC0Vyfdhtur_36d74x8oM4KW_Wpb2f5ok,, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[d5e97228522942f4c00b226e36ceda26]
    PUP.Optional.DoSearches, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301, Good: (http://www.google.com), Bad: (http://www.dosearches.com/?utm_sour...),Replaced,[4a7475256e0d8ea8bac95e32689c1de3]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[5965673335460a2cf1efe0a6a460c53b]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[d4ea97031863a98d5970a0f0a65e29d7]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[47773f5b07741e182fb4a5e181839e62]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[d6e8faa0f2890432bc10612f1ee69967]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[d8e627736714d85ea73d553139cb39c7]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (http://www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[17a78e0c3f3c93a35578048cf90b0ff1]
    PUP.Optional.HelperBar.A, HKU\S-1-5-21-2100282219-3180197948-4272881602-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?p=mKO_Aw...),Replaced,[15a9a9f18cef88ae538c295d4bb9a060]

    Folders: 43
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ar, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\de, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\es, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\fr, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\he, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\it, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\nl, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\pt, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ru, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\tr, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\icons, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\10.201.1.12915, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\11.24.60.15709, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\plugins, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi\defaults, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi\defaults\preferences, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE, Quarantined, [8a34207a1467af87394598ffb2501de3],
    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Delete-on-Reboot, [c4fa75251962ec4a82105642639f669a],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\CSS, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SearchProtect.A, C:\Users\conno_000\AppData\Local\SearchProtect, Quarantined, [0faf1c7e8cef3204835c98142cd6837d],
    PUP.Optional.SearchProtect.A, C:\Users\conno_000\AppData\Local\SearchProtect\SearchProtect, Quarantined, [0faf1c7e8cef3204835c98142cd6837d],
    PUP.Optional.Extutil.A, C:\Users\conno_000\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Quarantined, [05b9f2a8b7c476c0c37f2c8345bd0df3],
    PUP.Optional.Managera.A, C:\Users\conno_000\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Quarantined, [f0ce2f6bde9df1454300199633cf57a9],

    Files: 386
    Heuristics.Shuriken, C:\Users\conno_000\AppData\Roaming\Adobe\hkcmd.exe, Delete-on-Reboot, [ffffffffffffffffffffffffffffffff],
    Trojan.BitCoinMiner, C:\Windows\Temp\svchost.exe, Delete-on-Reboot, [3d817129364583b3de9447c7758c8080],
    PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, Delete-on-Reboot, [803e1c7e4b301e1857ee1113649d33cd],
    PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, Quarantined, [9f1fa9f1403bfb3b202520040df43ec2],
    RiskWare.Tool.CK, C:\$Recycle.Bin\S-1-5-21-2100282219-3180197948-4272881602-1005\$RQ2S484.exe, Quarantined, [fcc27b1f4932ee48e49c2da310f1f808],
    Trojan.BitCoinMiner, C:\Users\conno_000\AppData\Local\Temp\svchost.exe, Quarantined, [f9c5c0da0a71f3434b27ac621ce5ad53],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsg8E73.exe, Quarantined, [37878614d2a92b0b75d0b96b03fef709],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsi9358.exe, Quarantined, [1ca224762b5080b6df66bb69dd24da26],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsl28B4.exe, Quarantined, [5965a2f86c0f66d0b590b56f3cc545bb],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsoD5AD.exe, Quarantined, [6f4fff9b2a516bcb1a2b9d877c858779],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsu4C9A.exe, Quarantined, [229cdcbe0a7149ed1233f72dae53946c],
    PUP.Optional.QuickShare.A, C:\Users\conno_000\AppData\Local\Temp\QuickShare1.exe, Quarantined, [d3eb0c8ec8b36acc3c0cfa249e626c94],
    PUP.Optional.Somoto.A, C:\Users\conno_000\AppData\Local\Temp\nsuFDD0.tmp, Quarantined, [d1edc8d2720901356c5e8697fa074eb2],
    PUP.Optional.Somoto.A, C:\Users\conno_000\AppData\Local\Temp\nsv4F26.tmp, Quarantined, [47776535f2890432ffcbba63639e49b7],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\nsvDAFF.exe, Quarantined, [55691882a6d5b4824ef7f0343fc22bd5],
    PUP.Optional.Somoto.A, C:\Users\conno_000\AppData\Local\Temp\nswC9CD.tmp, Quarantined, [6d51ff9bd4a760d619b1a875cd346b95],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Temp\Installer.exe, Quarantined, [dce28b0f62193ef886c50b131de31ae6],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\mconduitinstaller.exe, Quarantined, [992562381a6185b199592ef03dc39e62],
    PUP.Optional.Somoto, C:\Users\conno_000\AppData\Local\Temp\bitool.dll, Quarantined, [b905d9c1205bee48c8c56eb935cdce32],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\SPStub.exe, Quarantined, [36882377c3b8092d3849071b6d94629e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\SPSetup.exe, Quarantined, [12acf5a55c1ffc3a1a2b869e4ab7758b],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\SecondStepInstaller.exe, Quarantined, [cef0d0ca2d4eef471b2a84a01fe2b848],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\djieoettjrbhgys\bpcsdwbc.exe, Quarantined, [1aa4c5d5f3882f0733e75e59cb3905fb],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\dtrcnecxbju\vyljbdnhza.exe, Quarantined, [714d87136516221485959f1809fbb44c],
    PUP.Optional.Wsys.A, C:\Users\conno_000\AppData\Local\Temp\eIntaller\AB410E803EEF43b6BC74358B501ADD4F\c9bde3823c.exe, Quarantined, [209e5a40b8c349edf73489a381803ac6],
    PUP.Optional.Wilsys.A, C:\Users\conno_000\AppData\Local\Temp\eIntaller\AB410E803EEF43b6BC74358B501ADD4F\eXQ.exe, Quarantined, [407e0397f6852d0932f8b97311f045bb],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\enqxczmztkka\rqflpems.exe, Quarantined, [ffbf36641e5dbf77f624c0f7976d9769],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\suetvvwwhgqwaff\vhunbxskd.exe, Quarantined, [0db113870b704ee8011933846c987b85],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\hbieranmug\rturrybkq.exe, Quarantined, [0bb305951d5e4ee86bafcaed21e3a957],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\hkfzznalbzdfscnk\haqojgacoaaq.exe, Quarantined, [a11db4e6aad1db5bd149eec9679dd32d],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\hkzqohvjjugsfce\wytpttiganx.exe, Quarantined, [c8f6b4e685f6a195a575d0e7c4409d63],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\vdqosbnxdlax\zqwyhice.exe, Quarantined, [a5195f3b7cff999d57c3c7f0ba4a2bd5],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\wawixhcoelgxj\haaqsuqswog.exe, Quarantined, [d1edacee3f3c0f2738e2cfe8fa0a11ef],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\npvedxpdzcsegydf\pvgrfeidzkd.exe, Quarantined, [49758b0f3b40a98d45d5a413dd27f30d],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\jplytsmiqo\febxvfuslu.exe, Quarantined, [d9e5f7a3b9c296a0001aaf08d92be818],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\jshtgxhtxusddb\newbnvuw.exe, Quarantined, [f1cd4f4ba0db63d319019d1a92721de3],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\jtzeqcmwghvgibl\dznndcmnlf.exe, Quarantined, [209e12885c1fef47e03a4b6c867e817f],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\AU\SPSetup.exe, Quarantined, [2b93f7a3601b1521271e56ce23deee12],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\axdfsbygtchqd\yvhppzmeok.exe, Quarantined, [229cedad8eedad8926f49324cf35d729],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\tqatlmborbkt\zlycujjqyklc.exe, Quarantined, [9f1f42583942033350ca5265bb49ed13],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\peragxrmmr\hehnewfkf.exe, Quarantined, [6c52debc2556ca6cd149d2e516eea35d],
    Trojan.Downloader.Agent, C:\Users\conno_000\AppData\Local\Temp\Phx77FE\checker.exe, Quarantined, [c3fb089276058caab2d032e4728fc43c],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\PhxC331\SweetPacks2.exe, Quarantined, [c0feebaf304b3501b43ecc526997b749],
    Trojan.Downloader.Agent, C:\Users\conno_000\AppData\Local\Temp\PhxFE37\checker.exe, Quarantined, [b30b29717efde45296ec2ee8f70a718f],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\plhjvbzqliopadx\qogpgsgg.exe, Quarantined, [1ba36337601b85b194869e19c0445da3],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\qrzupihftbhb\vcrntvgmvz.exe, Quarantined, [efcf108a9fdcdf5765b581360df78c74],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nwbcsdgxwufon\ykfulivwcd.exe, Quarantined, [bb035644b0cb2d0956c484334fb5ef11],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nwfasqerdlv\xmglavbsperu.exe, Quarantined, [8638c8d2d8a35bdb0119eec92dd71ee2],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nwtsemsemfoe\iwnhcomxeuhi.exe, Quarantined, [f1cd0694443784b237e3edcabd476e92],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nxxzujjvng\mznzxnzvh.exe, Quarantined, [625c32687803db5baa70bbfca85cc63a],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\oguztekamtap\kbstramd.exe, Quarantined, [9826b2e8601bee489288af085ea6619f],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\shozjyrxxolfpyzu\pupmbdtbogg.exe, Quarantined, [17a7bcde9dde1f170515bdfa2bd96997],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\sirnlxjyyj\kwvisbtbcfkt.exe, Quarantined, [e0de41597506de58f921ab0c877d8a76],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\mbbycizktlfi\apsjrbndimbb.exe, Quarantined, [c9f5aeec14676ccacd4d684f11f360a0],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\fnkyeogplhiqn\pectuiqnbfxz.exe, Quarantined, [3a84d8c2b3c8ed4938e23f7826de9b65],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\bvclkuifonofcvl\andamejxzy.exe, Quarantined, [813d1981314a87af26f46d4a818348b8],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\bzsjikaqyvkzus\aazyfqllccgq.exe, Quarantined, [cdf15e3c3b400432bc5eded98480e51b],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\cbcmpqltpxm\onnewwtlkyuu.exe, Quarantined, [d1edcecc6219d85e66b48e29ef15f50b],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\cbnuqraicluq\bampjwygzbg.exe, Quarantined, [f9c53169dba0bb7b45d5a413a75de020],
    PUP.Optional.SmartBar, C:\Users\conno_000\AppData\Local\Temp\MSI94F2.tmp-\Smartbar.Installer.CustomActions.dll, Quarantined, [0eb0633795e653e3c16e161839c71de3],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\myymjeqaoh\nvuxldhkircz.exe, Quarantined, [6856089291ea49ed4ad047707a8a7a86],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\ncaiufaozwom\jcweuzznvfel.exe, Quarantined, [407ee2b88fecd75f4dcde2d56e9657a9],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\nnfvfakdohvemg\hnhkqacoq.exe, Quarantined, [13ab207abdbee84ec05a912611f37d83],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\jxeuetmlaafyz\lwufjbqkufmj.exe, Quarantined, [c1fdecaee794de5889913f78c73da060],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\rqvcqlqrsq\iclvpnqg.exe, Quarantined, [14aa4b4f7902ce68f9216156d331728e],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\ozerfgqndehxvvhb\xumujzsbj.exe, Quarantined, [625c4753d4a7b97d66b457601be99868],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\afomfhqseosetu\uwrzhibre.exe, Quarantined, [3c82aceefe7d77bfda400ea993718a76],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\xpajubnfrgq\hvthmkkkix.exe, Quarantined, [a01ecbcff8830630c8528730689cd12f],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\ywstkcsfwurvr\ckzlqdbx.exe, Quarantined, [6955217944373ff71901eec938cc12ee],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\yyakowcvibnxh\oowlijhx.exe, Quarantined, [17a71387b6c5d0665cbe8a2d25df0cf4],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zewihwirvwoq\ilhmdgyp.exe, Quarantined, [3e807d1d46352016db3f892e63a108f8],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zgywuhkyayedvdc\eudrldeszzbr.exe, Quarantined, [5767f8a2186376c00119298eba4a3cc4],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zhwskpcmyukz\qnyqfihjblt.exe, Quarantined, [9f1f1882e8938aacab6f3f7890749a66],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zlygukaxrd\bvxgwpxcxnh.exe, Quarantined, [437b23777ffc71c5b36701b60ef63fc1],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zptgdtdssgg\bmyokhfb.exe, Quarantined, [219dacee18637fb70b0fd5e254b0ac54],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\zvrbwrtypupcxrip\ihqutbff.exe, Quarantined, [922c28727803a78f65b5d4e330d4bf41],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Temp\Smartbar\LinkuryInstaller.msi, Quarantined, [427c6f2b6d0e15217df3167331d042be],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Temp\Smartbar\3638f282-3a6a-42db-9eda-0adf883af7b5\LinkuryInstaller.msi, Quarantined, [9a24306a3843af87412fd3b6f809f50b],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\twdzcjesyovkykqg\ffwkelsq.exe, Quarantined, [ad115a4091ea40f6c9518532c63e8080],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\bevwcwfryi\jpmpxgsaz.exe, Quarantined, [6559356509723501af6b942341c347b9],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\tfofekoyocwy\rueekrrnk.exe, Quarantined, [a11d6c2eee8d013540da2f8803015ba5],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\udhjmzweznukhi\zedvayvmuqrf.exe, Quarantined, [07b7099159226fc705151d9aab593fc1],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\untqasrlfz\skkuvkhwlur.exe, Quarantined, [ba045f3b8af1df57011963543cc8f60a],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\cgjdqcdbqppp\thdrjvqc.exe, Quarantined, [5d61efabeb909f97ec2e5463897bed13],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\chLogic.exe, Quarantined, [0cb2f2a864173006d8a9a87a15ecb050],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\ctbe.exe, Quarantined, [6a5417839ae1d4626b31c25ce51bd12f],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\ffLogic.exe, Quarantined, [76487e1c37445adcdaa763bf54adfc04],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\ieLogic.exe, Quarantined, [c0fe9703a2d9999dee93899944bd57a9],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\spch.exe, Quarantined, [fcc2e2b852293afc5d2423fff70a5ca4],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\spff.exe, Quarantined, [75490d8d196293a3fc85c260cd341ee2],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\statisticsStub.exe, Quarantined, [af0fcdcd0675f046f80e3bd245bc30d0],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\stub.exe, Quarantined, [edd125753d3e8ea8975cbb63758be818],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\plugins\TBVerifier.dll, Quarantined, [ba040a900d6e37ff8f384cf6e21e9d63],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\wxbqijkaasmu\wbffviemrs.exe, Quarantined, [c9f56f2b62191422b9614374956f53ad],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\xopcyshvymk\yjvbjlagr.exe, Quarantined, [98262c6ebdbe56e0a377dcdb0bf9c040],
    Trojan.Bitminer, C:\Users\conno_000\AppData\Local\Temp\ssmkoaouvkfhwfz\wkjljenofou.exe, Quarantined, [bd0108923843ff3789916b4c3fc554ac],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nszCA2E.exe, Quarantined, [a21c9406e4970432ada69c9357aae11f],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsc3EB4.exe, Quarantined, [4876e5b5b8c364d2d77c66c9e31e9769],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nscB323.exe, Quarantined, [e2dce5b592e92b0bc78cd956ce33e020],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd59C9.exe, Quarantined, [437bdebc42396acc381b042b4eb3ff01],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsd699A.exe, Quarantined, [edd1306a205b063073e077b8af527d83],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsi3191.exe, Quarantined, [467832682f4c37ffd67d1b14d42d7789],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsj59E9.exe, Quarantined, [27974258b9c2e84e0a496cc314ed16ea],
    PUP.Optional.Conduit.A, C:\Windows\Temp\nsj6B3E.exe, Quarantined, [2b9348520774ac8a8eb7f3317988fe02],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoD8E3.exe, Quarantined, [c4fae4b6b9c276c089ca67c8ab5653ad],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsr921D.exe, Quarantined, [f8c6d7c3a8d33afc92c133fc8b760af6],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsrF898.exe, Quarantined, [615dcad029523ef84211dd52fe03d927],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss459C.exe, Quarantined, [972796041269a88ee271111eff02a65a],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss6870.exe, Quarantined, [714d9cfeed8e8da9a3b0fe3125dc22de],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nst72F0.exe, Quarantined, [417d405a0873e650f1622e01679ab14f],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsuDB1A.exe, Quarantined, [05b96931d3a8a78f480bdc537c8508f8],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsv76E8.exe, Quarantined, [0bb3b0ea85f6dd59e3700a25df2226da],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsv7DC9.exe, Quarantined, [02bc277323587db96ae976b924dd9c64],
    PUP.Optional.SearchProtect.A, C:\Windows\Temp\nswBCDC.exe, Quarantined, [14aae2b8d6a547efb99ad9569170ae52],
    PUP.Optional.Amonetize.AS, C:\Users\conno_000\Downloads\7zip__2780_i37780377_il604572.exe, Quarantined, [d2ec7822ee8de94d25d94eccf60b34cc],
    PUP.Optional.LiveSoftAction, C:\Users\conno_000\Downloads\Angry Birds provided through Adscend Media Network CPA.exe, Quarantined, [2f8fddbdf68592a4f31d932b52b250b0],
    PUP.Optional.OpenCandy, C:\Users\conno_000\Downloads\DTLite4471-0337.exe, Quarantined, [97270e8c6417c274e546358014f056aa],
    PUP.Optional.OptimumInstaller.A, C:\Users\conno_000\Downloads\Chrome_Setup.exe, Quarantined, [7945f0aa6b1041f502a34a0922df08f8],
    PUP.Optional.Spigot.A, C:\Users\conno_000\Downloads\SFInstaller_SFFZ_filezilla_8706467_.exe, Quarantined, [f2cc3169bebdf73f1e93f436ac55ca36],
    HackTool.GamesCheat.Gen, C:\Users\conno_000\Downloads\Camo Unlocker V-33_mpgh.net.rar, Quarantined, [1ba38515cab15adcc1ce7131b94b54ac],
    PUP.Optional.Softonic, C:\Users\conno_000\Downloads\SoftonicDownloader_for_hamachi (1).exe, Quarantined, [8539b2e85a2175c1c4e5ae5cad54e61a],
    PUP.Optional.Softonic, C:\Users\conno_000\Downloads\SoftonicDownloader_for_hamachi.exe, Quarantined, [407ef6a47efd1323fcada06adc2528d8],
    PUP.Optional.Verti, C:\Users\conno_000\Downloads\TinyMediaPlayer_RocketFuelInstaller.exe, Quarantined, [5c622b6f5328a2945cac85a727da25db],
    PUP.Optional.Somoto.A, C:\Users\conno_000\AppData\Local\Bundled software uninstaller\bi_client.exe, Quarantined, [209e4d4d611a59dd96342fee669b07f9],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\BrowserHelper.exe, Quarantined, [a6188e0cfb80072f69071f6ac8391de3],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe, Quarantined, [6856396196e562d4b33dca5d27d97789],
    PUP.Optional.SmartBar, C:\Windows\Installer\MSI94F2.tmp, Quarantined, [e0de0b8f512ac3734fe0ae80ac54946c],
    PUP.Optional.SnapDo.A, C:\Windows\Installer\5040e52.msi, Quarantined, [38868614e59613232e42abde5fa2a060],
    PUP.Optional.SnapDo.A, C:\Windows\Installer\50411af.msi, Quarantined, [57675f3bbcbf0b2b660a2663c63bfe02],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage, Quarantined, [1f9f5149621990a622d5fac2c53da55b],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal, Quarantined, [427cb9e17a0185b154a309b3f012cc34],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastcontent.conduit.com_0.localstorage, Quarantined, [8a34f6a41368bc7a58a05c60eb179e62],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastcontent.conduit.com_0.localstorage-journal, Quarantined, [ae102f6b5a21d56127d1dede09f94fb1],
    PUP.Optional.Superfish.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [605e009a3843bc7a2229d1ecd230659b],
    PUP.Optional.Superfish.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [7c4275259ae150e62922ccf162a02bd5],
    PUP.Optional.WebSearch.A, C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\searchplugins\Web Search.xml, Quarantined, [ccf23c5ea4d7340207c98d3ec33f34cc],
    PUP.Optional.NewTab.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx, Quarantined, [a519cfcb9cdf3006ed8b2ea4c73ba060],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\phatk121016.cl, Quarantined, [5a642773a7d42b0b1e0bb634a55eee12],
    Trojan.BitcoinMiner, C:\Windows\Temp\phatk121016.cl, Quarantined, [536bb3e7d6a5a88eda4f9a50b152c43c],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\scrypt130511.cl, Quarantined, [d8e6792155260a2cbb6f5496649ffc04],
    Trojan.BitcoinMiner, C:\Windows\Temp\scrypt130511.cl, Quarantined, [e8d6247683f87eb852d8fcee3cc78878],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\diablo130302.cl, Quarantined, [87373763285395a1fe2d36b43ac98779],
    Trojan.BitcoinMiner, C:\Windows\Temp\diablo130302.cl, Quarantined, [b806dcbe75068aac74b7e30718eb11ef],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\poclbm130302.cl, Quarantined, [cef0aceefa8131059993cc1e719207f9],
    Trojan.BitcoinMiner, C:\Windows\Temp\poclbm130302.cl, Quarantined, [516d9a00750682b434f87c6efe0530d0],
    Trojan.BitcoinMiner, C:\Users\conno_000\AppData\Local\Temp\diakgcn121016.cl, Quarantined, [328c4e4cf2891b1b0d200dddae557789],
    Trojan.BitcoinMiner, C:\Windows\Temp\diakgcn121016.cl, Quarantined, [6e504a5090ebe155f439c72363a03fc1],
    PUP.Optional.DoSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\dosearches.xml, Quarantined, [249a5743adcea88e257649a625de34cc],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\QuickShare.exe, Delete-on-Reboot, [308e7f1b99e24beb54258f5b3ec514ec],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\BrowserHelper.exe.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ChromeHost.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\FiddlerCore.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\HtmlAgilityPack.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\lrcnt.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Lrcnta.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\lrrot.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\MACTrackBarLib.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.mshtml.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Common.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Logging.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.ObjectBuilder.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\NDde.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ProductsRemovalTool.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\QuickShare.exe.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\RegAsm.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sgml.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Communication.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Monetization.Proxy.ProxyService.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spbl.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sidb.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\siem.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sipb.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sismlp.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Common.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Communication.NamedPipe.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Monetization.Proxy.ProxyRemover.exe, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInstallationIcon.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarShortcutIcon.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\smta.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\smtu.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spbe.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sppsm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spsm.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\spusm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srau.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbhu.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbs.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srbu.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sreu.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srgu.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srns.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srom.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srpdm.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srprl.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srpu.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srsbs.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srsbsau.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srsl.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\sruhs.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srus.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\srut.dll, Delete-on-Reboot, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\System.Data.SQLite.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\bg.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\options.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\popup.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\redirect.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\alxbl.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\BackPageRemove.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\defaultBlockList.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\documentEvents.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\externalJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\FBImagePreview.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\filters.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\generalBackButtonDetection.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\InternalJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\jquery-1.9.0.min.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\PluginWrapper.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\publisherDefinitions.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\ta.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\tabReload.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\TopFrameJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS\trans.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome.manifest, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\BackPageRemove.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\externalJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FBImagePreview.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\InternalJS.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\jquery-1.5.1.min.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\publisherDefinitions.js, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307f.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6eba.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8f.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cf.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580de.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7b.ico, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\10.201.1.12915\user.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.SmartBar.A, C:\Users\conno_000\AppData\Local\Smartbar\QuickShare.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\11.24.60.15709\user.config, Quarantined, [734b65356219c96d874b5b3b4cb651af],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\chromeid.txt, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\conduit.xml, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\CT3314199.txt, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\CT3314199.xpi, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\initData.json, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\manifest.json, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\setup.ini.txt, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\version.txt, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi\install.rdf, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Temp\ct3314199\xpi\defaults\preferences\defaults.js, Quarantined, [4c7275256714cc6ae7839304639f926e],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\background.html, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\background.js, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\data.json, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\icon128.png, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\jquery.js, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\manifest.json, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\xa.js, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.Lightning.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0\xagainit.js, Quarantined, [59658e0c5a215ed8595754458181de22],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\bg.html, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\bg.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\manifest.json, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\options.htm, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\options.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\popup.html, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\popup.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\redirect.html, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\redirect.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\CSS\border.css, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\down.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\fb.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\fblike.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\gmail.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\google.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\googleplus.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\hide-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\left.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\maximize-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\mgsplusvideo.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\minimize-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\PBQuickShare.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\pinit.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\right.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\searchBoxQs.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\show-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\twitter.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-1.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-2.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up-3.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\images\up.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\BackPageRemove.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\defaultBlockList.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\documentEvents.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\externalJS.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\FBImagePreview.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\InternalJS.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\jquery-1.9.0.min.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\PluginWrapper.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\publisherDefinitions.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\tabReload.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\JS\TopFrameJS.js, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\QuickShare.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\QuickShare128.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\QuickShare16.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.SnapDo.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\PublisherImages\QuickShare48.png, Quarantined, [348a5a403645b284ed3ce7b3a9592fd1],
    PUP.Optional.Extutil.A, C:\Users\conno_000\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, Quarantined, [05b9f2a8b7c476c0c37f2c8345bd0df3],
    PUP.Optional.Extutil.A, C:\Users\conno_000\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, Quarantined, [05b9f2a8b7c476c0c37f2c8345bd0df3],
    PUP.Optional.Extutil.A, C:\Users\conno_000\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, Quarantined, [05b9f2a8b7c476c0c37f2c8345bd0df3],
    PUP.Optional.Managera.A, C:\Users\conno_000\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, Quarantined, [f0ce2f6bde9df1454300199633cf57a9],
    PUP.Optional.Managera.A, C:\Users\conno_000\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, Quarantined, [f0ce2f6bde9df1454300199633cf57a9],
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://proxy.allsearchapp.com/app/start/", "http://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=7098c80700000000000084a6c8ec019a", "http://search.conduit.com/?ctid=CT3314199&SearchSource=48&CUI=UN28464332818567807&UM=2", "http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301" ],), Replaced,[4f6f138795e680b621ecb907966e4fb1]
    PUP.Optional.HelperBar.A, C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://feed.helperbar.com/?p=mKO_Aw...5kMt2r-hbdNkI7-_Ma2WANhl9oZlNajrKIeWsCX06uxNU,");), Replaced,[d8e69208146763d37f8a1ba453b14eb2]
    PUP.Optional.HelperBar.A, C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://feed.helperbar.com/?p=mKO_Aw...mc__l3SCI5cmSRP4X93mhzZ_ZGzcTd-GGlJdcndss,&q=");), Replaced,[2995f6a4760526107991734cd72df20e]
    PUP.Optional.HelperBar.A, C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://feed.helperbar.com/?p=mKO_Aw...ABb3_LJSr6CSLC0Vyfdhtur_36d74x8oM4KW_Wpb2f5ok,");), Replaced,[dfdfa1f93a416ccaf38c843bdc28da26]

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    FRST:

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
    Ran by conno_000 (administrator) on CONNORSPC on 02-07-2014 15:19:40
    Running from C:\Users\conno_000\Downloads
    Platform: Windows 8 (X64) OS Language: English (United States)
    Internet Explorer Version 10
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
    (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Spotify Ltd) C:\Users\conno_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    () C:\Windows\Temp\svchost.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-19] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-06] (IDT, Inc.)
    HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4391072 2012-11-09] (Dell Inc.)
    HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
    HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
    HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
    HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-07-21] (Power Software Ltd)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-05-31] (Razer Inc.)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1306360 2013-12-17] (Bogdan Sharkov)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [uTorrent] => C:\Users\conno_000\AppData\Roaming\uTorrent\uTorrent.exe [1268560 2014-05-13] (BitTorrent Inc.)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [Spotify Web Helper] => C:\Users\conno_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-28] (Spotify Ltd)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: E - "E:\setup.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {ad6129df-df55-11e2-be66-806e6f6e6963} - "D:\Special_Offers_from_SPHE_PC.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {d902d522-22e1-11e3-bedb-84a6c8ec019d} - "F:\Autorun.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {d902d561-22e1-11e3-bedb-84a6c8ec019d} - "F:\Autorun.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {ef3ac475-fbcb-11e2-be86-84a6c8ec019d} - "F:\VZW_Software_upgrade_assistant.exe"
    Startup: C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.6.lnk
    ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
    ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

    ==================== Internet (Whitelisted) ====================

    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301
    SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}
    SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_Aw...RP4X93mhzZ_ZGzcTd-GGlJdcndss,&q={searchTerms}
    BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
    Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default
    FF DefaultSearchEngine: Web Search
    FF SelectedSearchEngine: Web Search
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
    FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
    FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Extension: No Name - C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\Extensions\staged [2014-05-15]
    FF Extension: No Name - C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\Extensions\{e7c9ce97-1bd5-e57f-4ac0-e4bbbb79bc73} [2014-05-15]

    Chrome:
    =======
    CHR HomePage: hxxp://awesomegifs.com/
    CHR StartupUrls: "hxxp://proxy.allsearchapp.com/app/start/", "hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=7098c80700000000000084a6c8ec019a", "hxxp://search.conduit.com/?ctid=CT3314199&SearchSource=48&CUI=UN28464332818567807&UM=2", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=hp&from=smt&uid=TOSHIBAXMQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301"
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
    CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    CHR Extension: (Google Docs) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-09]
    CHR Extension: (Google Drive) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-09]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
    CHR Extension: (YouTube) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-09]
    CHR Extension: (Google Search) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-09]
    CHR Extension: (UNO HD) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbiocfeggkcomnebamodmbngedojipdp [2014-06-23]
    CHR Extension: (Google Wallet) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
    CHR Extension: (Draw My Thing) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\odpjeimbfolekeldhfddmbemmpiffkch [2014-06-23]
    CHR Extension: (Enhanced Steam) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2014-06-25]
    CHR Extension: (Gmail) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-09]

    ==================== Services (Whitelisted) =================

    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
    S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [89944 2013-12-31] (EasyAntiCheat Ltd)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
    S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-24] ()
    R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
    R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
    R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

    ==================== Drivers (Whitelisted) ====================

    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
    R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
    R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
    S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23312 2013-01-22] (Dell Computer Corporation)
    S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2013-01-22] (Dell Computer Corporation)
    R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
    R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
    R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
    R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-25] (Microsoft Corporation)
    S3 Delldiag; \??\C:\__de11ctstestfolder20120wdcsa__\WBT\WBT_W64\DDDriver.sys [X]
    S3 ESEADriver2; \??\C:\Users\CONNO_~1\AppData\Local\Temp\ESEADriver2.sys [X]
    S1 lmimirr; \SystemRoot\system32\DRIVERS\lmimirr.sys [X]
    S3 TDKLIB; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-07-02 15:19 - 2014-07-02 15:20 - 00022755 _____ () C:\Users\conno_000\Downloads\FRST.txt
    2014-07-02 15:19 - 2014-07-02 15:19 - 00000000 ____D () C:\FRST
    2014-07-02 15:18 - 2014-07-02 15:19 - 02083840 _____ (Farbar) C:\Users\conno_000\Downloads\FRST64.exe
    2014-07-02 14:29 - 2014-07-02 15:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-07-02 14:29 - 2014-07-02 14:29 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-07-02 14:29 - 2014-07-02 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-07-02 14:28 - 2014-07-02 14:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-02 14:28 - 2014-07-02 14:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\conno_000\Downloads\mbam-setup-2.0.2.1012.exe
    2014-07-02 14:28 - 2014-07-02 14:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-07-02 14:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-07-02 14:28 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-07-02 14:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-07-02 13:33 - 2014-07-02 13:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\conno_000\Downloads\spybot-2.4.exe
    2014-07-02 13:25 - 2014-07-02 13:25 - 01243655 _____ () C:\Users\conno_000\Downloads\ProcessExplorer.zip
    2014-07-01 20:43 - 2014-07-01 20:43 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Celavimus
    2014-07-01 20:41 - 2014-07-01 20:42 - 12795102 _____ (CEVO ) C:\Users\conno_000\Downloads\paladin-setup.exe
    2014-07-01 20:37 - 2014-07-01 20:43 - 00001203 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
    2014-07-01 20:37 - 2014-07-01 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
    2014-07-01 20:37 - 2014-07-01 20:37 - 00000000 ____D () C:\Program Files (x86)\CEVO
    2014-07-01 20:36 - 2014-07-01 20:37 - 13450491 _____ () C:\Users\conno_000\Downloads\CEVO CSGO Client Installer.zip
    2014-06-30 20:43 - 2014-06-30 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000944 _____ () C:\Users\conno_000\Desktop\ESEA Client.lnk
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000000 ____D () C:\Program Files\ESEA
    2014-06-29 22:48 - 2014-06-29 22:48 - 15424103 _____ () C:\Users\conno_000\Downloads\ESEAClientInstall.exe
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001830 _____ () C:\Users\conno_000\Desktop\Spotify.lnk
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001816 _____ () C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2014-06-28 23:58 - 2014-06-28 23:58 - 00126112 _____ (Spotify Ltd) C:\Users\conno_000\Downloads\SpotifySetup.exe
    2014-06-28 22:56 - 2014-06-28 22:58 - 00002669 _____ () C:\Users\conno_000\Desktop\FIFA 14.lnk
    2014-06-28 20:49 - 2014-07-02 14:14 - 00000000 ____D () C:\Users\conno_000\Documents\FIFA 14
    2014-06-28 20:46 - 2014-06-28 20:47 - 37180346 ____R () C:\Users\conno_000\Downloads\FIFA14.v1.2.0.0.Final.Crack.Only.v2.rar
    2014-06-28 20:44 - 2014-06-28 20:44 - 00011904 _____ () C:\Users\conno_000\Downloads\[kickass.to]fifa14.crack.v5.final.skidrow.torrent
    2014-06-28 19:19 - 2014-06-28 19:19 - 00003136 _____ () C:\Windows\System32\Tasks\Origin
    2014-06-28 19:09 - 2014-06-28 19:19 - 00000000 ____D () C:\Program Files (x86)\FIFA 14 Ultimate Edition
    2014-06-28 15:46 - 2014-06-28 19:05 - 00000000 ____D () C:\Users\conno_000\Desktop\Games
    2014-06-28 15:31 - 2014-06-28 15:31 - 00000000 ____D () C:\Users\conno_000\Downloads\FIFA 14 Ultimate Edition - FULL - MULTI 14 - SKIDROW
    2014-06-28 15:29 - 2014-06-28 15:29 - 00033747 _____ () C:\Users\conno_000\Downloads\[kickass.to]fifa.14.ultimate.edition.full.multi.14.skidrow.torrent
    2014-06-26 19:21 - 2014-06-26 19:21 - 00000017 _____ () C:\Users\conno_000\AppData\Local\resmon.resmoncfg
    2014-06-24 20:14 - 2014-06-30 20:40 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Spotify
    2014-06-24 20:14 - 2014-06-30 20:35 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Spotify
    2014-06-23 23:02 - 2014-06-23 23:02 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
    2014-06-19 16:20 - 2014-06-19 16:20 - 00000870 _____ () C:\Users\conno_000\Downloads\ACCOUNTS.ZIP
    2014-06-19 15:59 - 2014-07-02 14:59 - 00000000 ____D () C:\Users\joann_000.CONNORSPC
    2014-06-19 15:59 - 2014-06-28 15:43 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
    2014-06-10 17:21 - 2014-06-10 17:21 - 00000000 ____D () C:\Program Files\CEVO
    2014-06-08 23:17 - 2014-03-05 07:46 - 00765824 _____ (Razer USA Ltd) C:\Windows\SysWOW64\RzMwApi.dll
    2014-06-08 23:00 - 2014-06-08 23:01 - 55801856 _____ (Razer Inc.) C:\Users\conno_000\Downloads\Razer_Synapse_Framework_V1.18.13.exe
    2014-06-06 23:54 - 2014-06-06 23:54 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard
    2014-06-06 23:45 - 2014-06-28 17:46 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
    2014-06-06 23:45 - 2014-06-06 23:45 - 00001189 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
    2014-06-06 23:45 - 2014-06-06 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
    2014-06-06 23:41 - 2014-06-28 18:23 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Battle.net
    2014-06-06 23:41 - 2014-06-25 00:18 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Battle.net
    2014-06-06 23:41 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard Entertainment
    2014-06-06 23:40 - 2014-06-28 18:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
    2014-06-06 23:38 - 2014-06-06 23:38 - 03099552 _____ (Blizzard Entertainment) C:\Users\conno_000\Downloads\Hearthstone-Setup-enUS.exe
    2014-06-06 23:38 - 2014-06-06 23:38 - 00000000 ____D () C:\ProgramData\Battle.net

    ==================== One Month Modified Files and Folders =======

    2014-07-02 15:20 - 2014-07-02 15:19 - 00022755 _____ () C:\Users\conno_000\Downloads\FRST.txt
    2014-07-02 15:19 - 2014-07-02 15:19 - 00000000 ____D () C:\FRST
    2014-07-02 15:19 - 2014-07-02 15:18 - 02083840 _____ (Farbar) C:\Users\conno_000\Downloads\FRST64.exe
    2014-07-02 15:16 - 2014-01-09 18:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-07-02 15:07 - 2014-07-02 14:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-07-02 15:07 - 2012-07-26 03:28 - 00005598 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-07-02 15:05 - 2013-07-19 19:12 - 00000000 ____D () C:\Users\conno_000\AppData\Local\LogMeIn Hamachi
    2014-07-02 15:05 - 2013-07-09 17:10 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-07-02 15:04 - 2013-07-09 17:02 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-07-02 15:01 - 2014-01-27 13:53 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
    2014-07-02 15:01 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-07-02 15:00 - 2013-07-09 16:58 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Adobe
    2014-07-02 15:00 - 2013-06-27 14:16 - 00146382 _____ () C:\Windows\PFRO.log
    2014-07-02 15:00 - 2012-07-26 04:12 - 00000000 __RSD () C:\Windows\Media
    2014-07-02 15:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
    2014-07-02 15:00 - 2012-07-26 01:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
    2014-07-02 14:59 - 2014-06-19 15:59 - 00000000 ____D () C:\Users\joann_000.CONNORSPC
    2014-07-02 14:59 - 2013-09-22 14:22 - 00000000 ____D () C:\ProgramData\Conduit
    2014-07-02 14:59 - 2013-07-09 16:41 - 00000000 ____D () C:\Users\joann_000
    2014-07-02 14:44 - 2013-07-09 17:02 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-07-02 14:29 - 2014-07-02 14:29 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-07-02 14:29 - 2014-07-02 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-07-02 14:29 - 2014-07-02 14:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-02 14:28 - 2014-07-02 14:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\conno_000\Downloads\mbam-setup-2.0.2.1012.exe
    2014-07-02 14:28 - 2014-07-02 14:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-07-02 14:14 - 2014-06-28 20:49 - 00000000 ____D () C:\Users\conno_000\Documents\FIFA 14
    2014-07-02 13:43 - 2014-07-02 13:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\conno_000\Downloads\spybot-2.4.exe
    2014-07-02 13:25 - 2014-07-02 13:25 - 01243655 _____ () C:\Users\conno_000\Downloads\ProcessExplorer.zip
    2014-07-02 12:21 - 2013-10-20 19:12 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Adobe
    2014-07-01 22:56 - 2013-10-28 20:59 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\TS3Client
    2014-07-01 20:43 - 2014-07-01 20:43 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Celavimus
    2014-07-01 20:43 - 2014-07-01 20:37 - 00001203 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
    2014-07-01 20:43 - 2014-07-01 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
    2014-07-01 20:42 - 2014-07-01 20:41 - 12795102 _____ (CEVO ) C:\Users\conno_000\Downloads\paladin-setup.exe
    2014-07-01 20:37 - 2014-07-01 20:37 - 00000000 ____D () C:\Program Files (x86)\CEVO
    2014-07-01 20:37 - 2014-07-01 20:36 - 13450491 _____ () C:\Users\conno_000\Downloads\CEVO CSGO Client Installer.zip
    2014-07-01 14:40 - 2013-10-21 21:29 - 00000000 ____D () C:\Users\conno_000\AppData\Local\CrashDumps
    2014-06-30 20:43 - 2014-06-30 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    2014-06-30 20:43 - 2014-01-02 21:57 - 00000928 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
    2014-06-30 20:43 - 2013-07-19 19:12 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
    2014-06-30 20:41 - 2013-12-14 12:47 - 04955952 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-06-30 20:40 - 2014-06-24 20:14 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Spotify
    2014-06-30 20:35 - 2014-06-24 20:14 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Spotify
    2014-06-30 12:30 - 2013-06-27 14:20 - 01716340 _____ () C:\Windows\WindowsUpdate.log
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000944 _____ () C:\Users\conno_000\Desktop\ESEA Client.lnk
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000000 ____D () C:\Program Files\ESEA
    2014-06-29 22:48 - 2014-06-29 22:48 - 15424103 _____ () C:\Users\conno_000\Downloads\ESEAClientInstall.exe
    2014-06-29 19:46 - 2013-07-20 15:43 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\uTorrent
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001830 _____ () C:\Users\conno_000\Desktop\Spotify.lnk
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001816 _____ () C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2014-06-28 23:58 - 2014-06-28 23:58 - 00126112 _____ (Spotify Ltd) C:\Users\conno_000\Downloads\SpotifySetup.exe
    2014-06-28 22:58 - 2014-06-28 22:56 - 00002669 _____ () C:\Users\conno_000\Desktop\FIFA 14.lnk
    2014-06-28 21:35 - 2013-06-27 14:47 - 00189274 _____ () C:\Windows\DPINST.LOG
    2014-06-28 21:34 - 2013-12-20 13:46 - 00000000 ____D () C:\Program Files (x86)\Razer
    2014-06-28 21:33 - 2013-12-20 13:47 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Razer
    2014-06-28 21:31 - 2013-12-20 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
    2014-06-28 20:58 - 2013-09-04 22:04 - 00000000 ____D () C:\ProgramData\Origin
    2014-06-28 20:58 - 2013-09-04 22:04 - 00000000 ____D () C:\Program Files (x86)\Origin
    2014-06-28 20:47 - 2014-06-28 20:46 - 37180346 ____R () C:\Users\conno_000\Downloads\FIFA14.v1.2.0.0.Final.Crack.Only.v2.rar
    2014-06-28 20:44 - 2014-06-28 20:44 - 00011904 _____ () C:\Users\conno_000\Downloads\[kickass.to]fifa14.crack.v5.final.skidrow.torrent
    2014-06-28 19:48 - 2013-07-09 17:04 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2100282219-3180197948-4272881602-1005
    2014-06-28 19:19 - 2014-06-28 19:19 - 00003136 _____ () C:\Windows\System32\Tasks\Origin
    2014-06-28 19:19 - 2014-06-28 19:09 - 00000000 ____D () C:\Program Files (x86)\FIFA 14 Ultimate Edition
    2014-06-28 19:19 - 2013-09-04 22:05 - 00000000 ___HD () C:\Users\conno_000\AppData\Roaming\Origin
    2014-06-28 19:05 - 2014-06-28 15:46 - 00000000 ____D () C:\Users\conno_000\Desktop\Games
    2014-06-28 18:43 - 2014-04-16 20:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15
    2014-06-28 18:39 - 2013-07-09 17:02 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-06-28 18:39 - 2013-07-09 17:02 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-06-28 18:31 - 2013-07-09 16:58 - 00000000 ____D () C:\Users\conno_000
    2014-06-28 18:28 - 2014-03-10 15:10 - 00000000 ____D () C:\Users\conno_000\AppData\Local\LPT
    2014-06-28 18:25 - 2014-05-08 20:09 - 00000000 ____D () C:\Users\conno_000\Downloads\The.Amazing.Spider-Man.2.Proper-RELOADED
    2014-06-28 18:25 - 2014-04-28 12:14 - 00000000 ____D () C:\Users\conno_000\Downloads\Trials Fusion_RePack by SEYTER
    2014-06-28 18:25 - 2014-03-21 20:21 - 00000000 ____D () C:\Users\conno_000\Downloads\The Amazing Spiderman (2012) [1080p]
    2014-06-28 18:25 - 2014-03-13 13:45 - 00000000 ____D () C:\Users\conno_000\Downloads\Batman The Dark Knight (2008) [1080p]
    2014-06-28 18:25 - 2014-03-09 22:59 - 00000000 ____D () C:\Users\conno_000\Downloads\Corel Draw X5 with Keygen
    2014-06-28 18:25 - 2013-10-18 22:30 - 00000000 ____D () C:\Users\conno_000\Downloads\rzr-skrm
    2014-06-28 18:25 - 2013-10-14 21:55 - 00000000 ____D () C:\Users\conno_000\Downloads\orbx
    2014-06-28 18:25 - 2013-10-09 18:00 - 00000000 ____D () C:\Users\conno_000\Downloads\Microsoft Flight Simulator X deluxe
    2014-06-28 18:25 - 2013-10-05 11:07 - 00000000 ____D () C:\Users\conno_000\Downloads\Far.Cry.3.Update.v1.04-RELOADED
    2014-06-28 18:25 - 2013-10-05 10:32 - 00000000 ____D () C:\Users\conno_000\Downloads\Far Cry 3 Proper DLC Unlocker-smashly
    2014-06-28 18:25 - 2013-09-26 18:58 - 00000000 ____D () C:\Users\conno_000\Documents\FIFA 13
    2014-06-28 18:25 - 2013-09-09 22:44 - 00000000 ____D () C:\Users\conno_000\Downloads\Borderlands 2 cumulative update 1.6.0 + DLC ^^nosTEAM^^
    2014-06-28 18:25 - 2013-08-14 16:22 - 00000000 ____D () C:\Users\conno_000\Downloads\Skyfall.2012.DVDRip.XviD-SPARKS
    2014-06-28 18:25 - 2013-08-14 14:59 - 00000000 ____D () C:\Users\conno_000\Downloads\Far.Cry.3-RELOADED
    2014-06-28 18:25 - 2013-07-20 15:49 - 00000000 ____D () C:\Users\conno_000\Downloads\NBA 2K13 PC full game ^^nosTEAM^^
    2014-06-28 18:23 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Battle.net
    2014-06-28 18:23 - 2013-09-24 17:16 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\DVDVideoSoft
    2014-06-28 18:22 - 2013-10-26 15:53 - 00000000 ____D () C:\ProgramData\PMB Files
    2014-06-28 18:22 - 2013-08-28 01:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder
    2014-06-28 18:22 - 2013-07-09 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-06-28 18:21 - 2013-09-24 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
    2014-06-28 18:15 - 2013-09-24 17:16 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
    2014-06-28 18:15 - 2013-08-28 01:48 - 00000000 ____D () C:\Program Files (x86)\Free Sound Recorder
    2014-06-28 18:14 - 2014-06-06 23:40 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-06-28 18:01 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\registration
    2014-06-28 17:59 - 2014-02-18 16:37 - 00000000 ____D () C:\Users\conno_000\Downloads\OptiFine_1.6.4_HD_C9
    2014-06-28 17:51 - 2013-12-20 13:46 - 00000000 ____D () C:\ProgramData\Razer
    2014-06-28 17:46 - 2014-06-06 23:45 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
    2014-06-28 17:46 - 2013-10-26 15:53 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
    2014-06-28 17:45 - 2014-05-21 12:56 - 00000000 __RHD () C:\MSOCache
    2014-06-28 17:45 - 2013-10-19 14:52 - 00000000 ____D () C:\Games
    2014-06-28 15:43 - 2014-06-19 15:59 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
    2014-06-28 15:31 - 2014-06-28 15:31 - 00000000 ____D () C:\Users\conno_000\Downloads\FIFA 14 Ultimate Edition - FULL - MULTI 14 - SKIDROW
    2014-06-28 15:29 - 2014-06-28 15:29 - 00033747 _____ () C:\Users\conno_000\Downloads\[kickass.to]fifa.14.ultimate.edition.full.multi.14.skidrow.torrent
    2014-06-26 19:21 - 2014-06-26 19:21 - 00000017 _____ () C:\Users\conno_000\AppData\Local\resmon.resmoncfg
    2014-06-26 11:16 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
    2014-06-26 00:05 - 2013-07-20 15:52 - 00579584 ___SH () C:\Users\conno_000\Desktop\Thumbs.db
    2014-06-25 00:18 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Battle.net
    2014-06-23 23:02 - 2014-06-23 23:02 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
    2014-06-22 23:33 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
    2014-06-22 23:33 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
    2014-06-21 18:14 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\LiveKernelReports
    2014-06-19 16:20 - 2014-06-19 16:20 - 00000870 _____ () C:\Users\conno_000\Downloads\ACCOUNTS.ZIP
    2014-06-10 17:21 - 2014-06-10 17:21 - 00000000 ____D () C:\Program Files\CEVO
    2014-06-08 23:01 - 2014-06-08 23:00 - 55801856 _____ (Razer Inc.) C:\Users\conno_000\Downloads\Razer_Synapse_Framework_V1.18.13.exe
    2014-06-06 23:54 - 2014-06-06 23:54 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard
    2014-06-06 23:45 - 2014-06-06 23:45 - 00001189 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
    2014-06-06 23:45 - 2014-06-06 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
    2014-06-06 23:41 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard Entertainment
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
    2014-06-06 23:38 - 2014-06-06 23:38 - 03099552 _____ (Blizzard Entertainment) C:\Users\conno_000\Downloads\Hearthstone-Setup-enUS.exe
    2014-06-06 23:38 - 2014-06-06 23:38 - 00000000 ____D () C:\ProgramData\Battle.net
    2014-06-02 21:04 - 2013-07-09 21:00 - 00319464 _____ () C:\Windows\DirectX.log

    Files to move or delete:
    ====================
    C:\Users\conno_000\AppData\Roaming\CamLayout.ini
    C:\Users\conno_000\AppData\Roaming\CamShapes.ini
    C:\Users\conno_000\AppData\Roaming\CamStudio.Producer.Data.ini
    C:\Users\conno_000\AppData\Roaming\Origin\update.vbe


    Some content of TEMP:
    ====================
    C:\Users\conno_000\AppData\Local\Temp\DDDInstallManager.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer.exe
    C:\Users\conno_000\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-11-g81cb6e3-b2852jnks.dll
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-jenkins-CraftBukkit-173.dll
    C:\Users\conno_000\AppData\Local\Temp\libcurl.dll
    C:\Users\conno_000\AppData\Local\Temp\libeay32.dll
    C:\Users\conno_000\AppData\Local\Temp\libidn-11.dll
    C:\Users\conno_000\AppData\Local\Temp\librtmp.dll
    C:\Users\conno_000\AppData\Local\Temp\libssh2.dll
    C:\Users\conno_000\AppData\Local\Temp\libusb-1.0.dll
    C:\Users\conno_000\AppData\Local\Temp\LiveUpdater.exe
    C:\Users\conno_000\AppData\Local\Temp\mpa03712.exe
    C:\Users\conno_000\AppData\Local\Temp\nsz3687.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\safeguard.exe
    C:\Users\conno_000\AppData\Local\Temp\Setup-Wacom.exe
    C:\Users\conno_000\AppData\Local\Temp\sonarinst.exe
    C:\Users\conno_000\AppData\Local\Temp\ssleay32.dll
    C:\Users\conno_000\AppData\Local\Temp\swt-win32-3349.dll
    C:\Users\conno_000\AppData\Local\Temp\tbSwee.dll
    C:\Users\conno_000\AppData\Local\Temp\u59kb_lc.dll
    C:\Users\conno_000\AppData\Local\Temp\ubi43D9.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\ubiA19.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\ubiE28E.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\update.exe
    C:\Users\conno_000\AppData\Local\Temp\xmlUpdater.exe
    C:\Users\conno_000\AppData\Local\Temp\zlib1.dll


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-06-29 12:30

    ==================== End Of Log ============================

    Additional:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
    Ran by conno_000 at 2014-07-02 15:21:27
    Running from C:\Users\conno_000\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    "Thief" (HKLM-x32\...\{7CEA3557-5E36-49EE-9CBF-504EEA99E0DE}_is1) (Version: 1.0.4107.3 (Update 1) - )
    µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
    7 Days to Die - Alpha version 0.9.1 (HKLM-x32\...\{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1) (Version: 0.9.1 - The Fun Pimps LLC)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
    Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    altPUG (HKLM-x32\...\{4FC41018-ABBF-47A0-B917-2DA88C04DA7D}) (Version: 1.2 - altPUG LLC)
    APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
    Arma 2 (HKLM-x32\...\Steam App 33900) (Version: - Bohemia Interactive)
    Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
    Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
    Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
    Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
    Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
    AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version: - Online Media Technologies Ltd.)
    AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
    AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: - Online Media Technologies Ltd.)
    AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.)
    AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
    Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
    BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
    Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: - )
    Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION
    Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
    Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
    Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
    Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)
    Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
    CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
    CEVO Paladin (0.5.0.0) (HKLM\...\cmn_cevo_is1) (Version: 0.5.0.0 - CEVO)
    Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
    Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
    Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.214 - ALPS ELECTRIC CO., LTD.)
    EPSON Artisan 837 Series Printer Uninstall (HKLM\...\EPSON Artisan 837 Series) (Version: - SEIKO EPSON Corporation)
    ESEA Client (HKCU\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
    ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
    Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
    FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.1.0.0 - Electronic Arts)
    FileZilla Client 3.7.1.1 (HKCU\...\FileZilla Client) (Version: 3.7.1.1 - Tim Kosse)
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
    Free Audio Converter version 5.0.28.827 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.28.827 - DVDVideoSoft Ltd.)
    Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2013 FreeSoundRecorder Technologies, Inc.)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
    GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
    Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
    Goat Simulator Development Kit (HKLM-x32\...\Steam App 285710) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
    Intel(R) Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
    Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
    Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
    Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
    Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Leetway Client (HKLM-x32\...\{667124BE-B9E1-4E5A-A0F5-4313C6A8A5C2}) (Version: 1 - Leetway Inc.)
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
    LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version: - Warner Bros. Games)
    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
    LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
    Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - )
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.61355.0 - Microsoft Game Studios)
    Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
    Microsoft Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6) (Version: 10.0.61355.0 - Microsoft Game Studios)
    Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4623.1003 - Microsoft Corporation)
    Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
    Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
    MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
    MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    NASCAR The Game 2013 (HKLM-x32\...\NASCAR The Game 2013_is1) (Version: - )
    NBA 2K13 (HKLM-x32\...\Steam App 219600) (Version: - Visual Concepts)
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.45.6 - Black Tree Gaming)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.2 - Notepad++ Team)
    NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
    NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
    NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
    NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
    Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
    Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
    PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.3.6 - PowerUp Software)
    PlayUp Tools (HKLM-x32\...\PlayUp Tools) (Version: 0.9.9.2 - PlayUp)
    PowerISO (HKLM-x32\...\PowerISO) (Version: 5.7 - Power Software Ltd)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.37 - Dell Inc.)
    QuickShare (HKLM-x32\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
    Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
    Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.13 - Razer Inc.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
    REX Essential Plus Overdrive (HKLM-x32\...\{9F30A684-44DC-4BDF-89ED-70F9021B851F}) (Version: 3.5.2012.1029 - REX Game Studios)
    Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
    Scribblenauts Unlimited (HKLM-x32\...\Scribblenauts Unlimited_is1) (Version: - )
    Scribblenauts Unmasked A DC Comics Adventure (HKLM-x32\...\Scribblenauts Unmasked A DC Comics Adventure_is1) (Version: - )
    Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
    Setup - FIFA 14 Ultimate Edition ... (HKLM-x32\...\Setup - FIFA 14 Ultimate Edition ...) (Version: ... - Electronic Arts)
    SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
    Sid Meier's Civilization V Brave New World (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uVg==_is1) (Version: 1 - )
    SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
    Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
    South Park The Stick of Truth, âåðñèÿ 1.0 (HKLM-x32\...\South Park The Stick of Truth_is1) (Version: 1.0 - =×óâàê=)
    Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)
    Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
    The Amazing Spider-Man 2 (HKLM-x32\...\VGhlQW1hemluZ1NwaWRlck1hbjI=_is1) (Version: 1 - )
    Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
    Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
    Trials Fusion, âåðñèÿ 1.0.0.0 (HKLM-x32\...\Trials Fusion_is1) (Version: 1.0.0.0 - RePack by SEYTER)
    Uplay (HKLM-x32\...\Uplay) (Version: 3.2 - Ubisoft)
    Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
    VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
    Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
    War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
    WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
    WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
    Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)
    XnView 2.05 (HKLM-x32\...\XnView_is1) (Version: 2.05 - Gougelet Pierre-e)

    ==================== Restore Points =========================

    28-06-2014 20:25:01 cleaning viruses
    28-06-2014 21:37:46 Restore Operation

    ==================== Hosts content: ==========================

    2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {0626CA07-403A-4127-A073-8FE596E3F069} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
    Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
    Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
    Task: {370DF13C-227A-4E8A-9498-C80DA3632324} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.)
    Task: {3870269C-A753-41CE-9470-A3543CA5ED69} - System32\Tasks\Origin => C:\Users\conno_000\AppData\Roaming\Origin\update.vbe [2014-06-28] () <==== ATTENTION
    Task: {65E7E9E0-C2DA-4DAF-A44A-976609790CEF} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
    Task: {7E5F1297-E3C2-482E-AFBA-EB37D63B5311} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.)
    Task: {8C258852-C5BA-4030-9F3A-6EE52273E3D6} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-connormer@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: {974EEE2D-FB52-4D85-8945-FC1F548F1088} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
    Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
    Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
    Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-10-01 16:56 - 2014-03-04 10:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2013-06-27 14:26 - 2014-03-04 09:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-04-16 20:11 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2014-04-16 20:11 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
    2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    2013-07-09 21:04 - 2013-11-24 09:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2014-03-09 15:45 - 2013-12-04 12:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
    2013-06-26 22:33 - 2013-04-02 16:42 - 00176024 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
    2013-06-26 22:36 - 2012-10-26 14:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-07-02 15:05 - 2014-07-02 15:05 - 00645646 _____ () C:\Windows\Temp\svchost.exe
    2014-06-28 18:42 - 2014-06-28 18:42 - 08890536 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2014-04-05 18:59 - 2014-04-05 18:59 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\4f91b7d6b3821366470574294553d6ce\PSIClient.ni.dll
    2013-06-27 14:46 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2014-05-26 16:23 - 2014-04-29 20:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
    2014-05-26 16:23 - 2014-04-29 20:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
    2014-05-15 16:35 - 2014-04-29 20:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
    2014-05-15 16:35 - 2014-04-29 20:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
    2014-05-15 16:35 - 2014-05-16 21:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2014-05-26 16:23 - 2014-05-29 13:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
    2014-05-26 16:23 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
    2014-05-15 16:35 - 2014-05-29 13:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2014-05-15 16:35 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
    2014-05-15 16:35 - 2013-06-14 19:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
    2014-05-15 16:35 - 2013-06-14 19:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
    2014-05-15 16:35 - 2013-06-14 19:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
    2013-10-01 16:56 - 2014-03-04 10:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-06-29 11:25 - 2014-07-02 15:05 - 00279955 _____ () C:\Windows\Temp\libidn-11.dll
    2014-06-29 11:25 - 2014-07-02 15:05 - 00084992 _____ () C:\Windows\Temp\zlib1.dll
    2013-06-27 16:12 - 2013-06-27 16:12 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
    2013-07-07 15:14 - 2013-07-07 15:14 - 01589248 _____ () C:\Program Files (x86)\Notepad++\plugins\DSpellCheck.dll
    2011-07-18 17:07 - 2011-07-18 17:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
    2011-09-21 16:46 - 2011-09-21 16:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

    ==================== Safe Mode (whitelisted) ===================

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) =============


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    HKLM\...\StartupApproved\Run32: => "Razer Synapse"
    HKCU\...\StartupApproved\StartupFolder: => "Intel(R) Turbo Boost Technology Monitor 2.6.lnk"
    HKCU\...\StartupApproved\Run: => "uTorrent"
    HKCU\...\StartupApproved\Run: => "Clownfish"

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/02/2014 03:08:12 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost (6032) {7118142E-3FA1-4473-980D-8B368114A659}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/02/2014 03:08:12 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: SettingSyncHost (6032) {7118142E-3FA1-4473-980D-8B368114A659}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

    Error: (07/02/2014 03:07:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (07/02/2014 03:07:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (07/02/2014 03:05:45 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost (4256) {1C7FADDF-B973-4F3D-921A-DCC97C92C698}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/02/2014 03:05:44 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost (4256) {1C7FADDF-B973-4F3D-921A-DCC97C92C698}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

    Error: (07/02/2014 03:00:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (07/02/2014 02:00:42 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost (5884) {22C1E02E-C089-45AC-BC7A-65C6D01B351E}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/02/2014 02:00:42 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost (5884) {22C1E02E-C089-45AC-BC7A-65C6D01B351E}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

    Error: (07/02/2014 02:00:24 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost (4084) {2BCB7BAF-07FD-4A5D-B9DD-C96EC1CD64C9}: Database recovery/restore failed with unexpected error -1216.


    System errors:
    =============
    Error: (07/02/2014 03:01:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/30/2014 08:43:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (06/30/2014 08:42:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/30/2014 08:41:34 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 12:22:57 PM on ‎6/‎30/‎2014 was unexpected.

    Error: (06/29/2014 04:22:15 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable


    Microsoft Office Sessions:
    =========================
    Error: (07/02/2014 03:08:12 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost6032{7118142E-3FA1-4473-980D-8B368114A659}: -1216

    Error: (07/02/2014 03:08:12 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: SettingSyncHost6032{7118142E-3FA1-4473-980D-8B368114A659}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb

    Error: (07/02/2014 03:07:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: WmiApRplWmiApRpl8F2030000E5050000

    Error: (07/02/2014 03:07:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance163707000000000000000000008F020000

    Error: (07/02/2014 03:05:45 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost4256{1C7FADDF-B973-4F3D-921A-DCC97C92C698}: -1216

    Error: (07/02/2014 03:05:44 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost4256{1C7FADDF-B973-4F3D-921A-DCC97C92C698}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb

    Error: (07/02/2014 03:00:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (07/02/2014 02:00:42 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost5884{22C1E02E-C089-45AC-BC7A-65C6D01B351E}: -1216

    Error: (07/02/2014 02:00:42 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost5884{22C1E02E-C089-45AC-BC7A-65C6D01B351E}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb

    Error: (07/02/2014 02:00:24 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost4084{2BCB7BAF-07FD-4A5D-B9DD-C96EC1CD64C9}: -1216


    ==================== Memory info ===========================

    Percentage of memory in use: 27%
    Total physical RAM: 8048.88 MB
    Available physical RAM: 5851.26 MB
    Total Pagefile: 9264.88 MB
    Available Pagefile: 7030.58 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.78 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:930.37 GB) (Free:134.73 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 932 GB) (Disk ID: B2CF82E0)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================

    AdwCleaner:

    # AdwCleaner v3.214 - Report created 02/07/2014 at 15:34:19
    # Updated 29/06/2014 by Xplode
    # Operating System : Windows 8 (64 bits)
    # Username : conno_000 - CONNORSPC
    # Running from : C:\Users\conno_000\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\SearchProtect
    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\Program Files (x86)\SearchProtect
    Folder Deleted : C:\Windows\SysWOW64\SearchProtect
    Folder Deleted : C:\Users\conno_000\AppData\Local\Bundled software uninstaller
    Folder Deleted : C:\Users\conno_000\AppData\Local\LPT
    Folder Deleted : C:\Users\CONNO_~1\AppData\Local\Temp\eIntaller
    Folder Deleted : C:\Users\CONNO_~1\AppData\Local\Temp\Smartbar
    Folder Deleted : C:\Users\conno_000\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\conno_000\AppData\LocalLow\Smartbar
    File Deleted : C:\END
    File Deleted : C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage

    ***** [ Shortcuts ] *****

    Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    Shortcut Disinfected : C:\Users\conno_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    Shortcut Disinfected : C:\Users\conno_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    Shortcut Disinfected : C:\Users\conno_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
    Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
    Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3314199
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
    Key Deleted : HKCU\Software\BI
    Key Deleted : HKCU\Software\SmartBar
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKLM\Software\eSafeSecControl
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16537


    -\\ Mozilla Firefox v26.0 (en-US)

    [ File : C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\prefs.js ]

    Line Deleted : user_pref("CT3314199.FF19Solved", "true");
    Line Deleted : user_pref("CT3314199.UserID", "UN13689966631768927");
    Line Deleted : user_pref("CT3314199.fullUserID", "UN13689966631768927.IN.20130922142136");
    Line Deleted : user_pref("CT3314199.installDate", "22/09/2013 14:21:39");
    Line Deleted : user_pref("CT3314199.installSessionId", "{14A0F16D-952E-481A-A36D-2A1D07C4E2F0}");
    Line Deleted : user_pref("CT3314199.installSp", "TRUE");
    Line Deleted : user_pref("CT3314199.installerVersion", "1.6.1.2");
    Line Deleted : user_pref("CT3314199.keyword", "true");
    Line Deleted : user_pref("CT3314199.originalHomepage", "about:home");
    Line Deleted : user_pref("CT3314199.originalSearchAddressUrl", "");
    Line Deleted : user_pref("CT3314199.searchRevert", "false");
    Line Deleted : user_pref("CT3314199.searchUserMode", "2");
    Line Deleted : user_pref("CT3314199.smartbar.homepage", "true");
    Line Deleted : user_pref("CT3314199.versionFromInstaller", "10.20.0.13");
    Line Deleted : user_pref("CT3314199.xpeMode", "0");
    Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3314199&octid=CT3314199&SearchSource=61&CUI=UN13689966631768927&UM=2&UP=SPB8AC3BA2-62A0-4B9A-8EAC-90989B5969F6");
    Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
    Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
    Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
    Line Deleted : user_pref("extensions.helperbar.BackPageActive", true);
    Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
    Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
    Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
    Line Deleted : user_pref("extensions.helperbar.Visibility", false);
    Line Deleted : user_pref("extensions.helperbar.backPageCapacity", 3);
    Line Deleted : user_pref("extensions.helperbar.backPageCounter", 0);
    Line Deleted : user_pref("extensions.helperbar.backPageDay", 15);
    Line Deleted : user_pref("extensions.helperbar.backPageLastEvent", "1400010818188");
    Line Deleted : user_pref("extensions.helperbar.backPageMinInterval", 15);
    Line Deleted : user_pref("extensions.helperbar.barcodeid", "769");
    Line Deleted : user_pref("extensions.helperbar.countryiso", "us");
    Line Deleted : user_pref("extensions.helperbar.downloadprovider", "quickobrw");
    Line Deleted : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\"www.only-apartments.es\\\",\\\"www.only-apartments.de\\\",\\\"www.only-apar[...]
    Line Deleted : user_pref("extensions.helperbar.fromautoupdate", "false");
    Line Deleted : user_pref("extensions.helperbar.installationid", "e7c9ce97-1bd5-e57f-4ac0-e4bbbb79bc73");
    Line Deleted : user_pref("extensions.helperbar.installdate", "22/10/2013");
    Line Deleted : user_pref("extensions.helperbar.keepAliveLastevent", "1400183618");
    Line Deleted : user_pref("extensions.helperbar.lastExternalJsUpdate", "1400183626884");
    Line Deleted : user_pref("extensions.helperbar.publisher", "quickobrw");
    Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3314199");
    Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3314199&CUI=UN13689966631768927&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3314199&octid=CT3314199&SearchSource[...]
    Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3314199&SearchSource=2&CUI=UN13689966631768927&UM=2&q=");
    Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3314199");
    Line Deleted : user_pref("smartbar.machineId", "H2J/IQDLINKD1IIYV0TRWBAWTZ7A9HLPQTD6PBWSJR+9RHZKV5LMRUALDFAKI4BG4JVLFQFC+ZQEWBGXRQPEPA");
    Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3314199&CUI=UN13689966631768927&UM=2&SearchSource=13");

    -\\ Google Chrome v35.0.1916.153

    [ File : C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted [Startup_urls] : hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=7098c80700000000000084a6c8ec019a
    Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3314199&SearchSource=48&CUI=UN28464332818567807&UM=2
    Deleted [Startup_urls] : hxxp://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=hp&from=smt&uid=TOSHIBAXMQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301
    Deleted [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
    Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
    Deleted [Extension] : cekcjpgehmohobmdiikfnopibipmgnml
    Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
    Deleted [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo

    *************************

    AdwCleaner[R0].txt - [12343 octets] - [02/07/2014 15:31:51]
    AdwCleaner[S0].txt - [11085 octets] - [02/07/2014 15:34:19]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11146 octets] ##########
     
    Connor Merenda, Jul 2, 2014
    #6
  8. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Connor,

    Unfortunately your system contains illegal software.
    Unless all of this is removed and UTorrent, we are unable to assist you.
    Basically you have become infected due to the use of P2P programs..... and it is a bit of a mess.
    What ever you think .... there's no such thing as a free lunch.
    Let me know if you are prepared to remove this software (games/films) and then we can continue.
     
    Last edited: Jul 2, 2014
    starbuck, Jul 2, 2014
    #7
  9. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    I am willing to uninstall every bit of illegal stuff, I didn't even know I had half this stuff because my brothers always use my computer when I'm at work so I guess that is what they do. Anyway I will let you know when it is all removed.
     
    Connor Merenda, Jul 2, 2014
    #8
  10. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    I removed everything, let me know when we can begin!
     
    Connor Merenda, Jul 3, 2014
    #9
  11. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Connor,

    Thank you. :thmbup:

    As the FRST report may well have changed now, please re-run FRST using these instructions:

    Please re-run FRST.
    • Make sure that Addition.txt is selected at the bottom
    • Press Scan button.

      1b8c7ec40ba5fc57455a82d8388da693.png
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • It will also make another log (Addition.txt). Please copy and paste it to your reply also.

    Thanks
     
    starbuck, Jul 3, 2014
    #10
  12. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    Here are the logs! If I missed any illegal software and it comes up in the logs please let me know so I can delete it!

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
    Ran by conno_000 (administrator) on CONNORSPC on 03-07-2014 17:14:47
    Running from C:\Users\conno_000\Downloads
    Platform: Windows 8 (X64) OS Language: English (United States)
    Internet Explorer Version 10
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
    (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
    (Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Spotify Ltd) C:\Users\conno_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    () C:\Windows\Temp\svchost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-19] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-06] (IDT, Inc.)
    HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4391072 2012-11-09] (Dell Inc.)
    HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
    HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
    HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-01-20] (NVIDIA Corporation)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-05-31] (Razer Inc.)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-06-30] (Valve Corporation)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1306360 2013-12-17] (Bogdan Sharkov)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [Spotify Web Helper] => C:\Users\conno_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-28] (Spotify Ltd)
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: E - "E:\setup.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {ad6129df-df55-11e2-be66-806e6f6e6963} - "D:\Special_Offers_from_SPHE_PC.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {d902d522-22e1-11e3-bedb-84a6c8ec019d} - "F:\Autorun.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {d902d561-22e1-11e3-bedb-84a6c8ec019d} - "F:\Autorun.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {ef3ac475-fbcb-11e2-be86-84a6c8ec019d} - "F:\VZW_Software_upgrade_assistant.exe"
    Startup: C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.6.lnk
    ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
    ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

    ==================== Internet (Whitelisted) ====================

    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM-x32 - DefaultScope value is missing.
    BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
    FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
    FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Extension: No Name - C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\Extensions\staged [2014-05-15]
    FF Extension: No Name - C:\Users\conno_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgdydlgu.default\Extensions\{e7c9ce97-1bd5-e57f-4ac0-e4bbbb79bc73} [2014-05-15]

    Chrome:
    =======
    CHR HomePage: hxxp://awesomegifs.com/
    CHR StartupUrls: "hxxp://proxy.allsearchapp.com/app/start/", "hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=7098c80700000000000084a6c8ec019a", "hxxp://search.conduit.com/?ctid=CT3314199&SearchSource=48&CUI=UN28464332818567807&UM=2", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=smt&utm_campaign=eXQ&utm_content=hp&from=smt&uid=TOSHIBAXMQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301"
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
    CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    CHR Extension: (Google Docs) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-09]
    CHR Extension: (Google Drive) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-09]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
    CHR Extension: (YouTube) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-09]
    CHR Extension: (Google Search) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-09]
    CHR Extension: (UNO HD) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbiocfeggkcomnebamodmbngedojipdp [2014-06-23]
    CHR Extension: (Google Wallet) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
    CHR Extension: (Draw My Thing) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\odpjeimbfolekeldhfddmbemmpiffkch [2014-06-23]
    CHR Extension: (Enhanced Steam) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2014-06-25]
    CHR Extension: (Gmail) - C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-09]

    ==================== Services (Whitelisted) =================

    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
    S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [89944 2013-12-31] (EasyAntiCheat Ltd)
    R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
    R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
    S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
    R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
    R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
    R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

    ==================== Drivers (Whitelisted) ====================

    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
    R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
    R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
    S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23312 2013-01-22] (Dell Computer Corporation)
    S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2013-01-22] (Dell Computer Corporation)
    R3 ESEADriver2; C:\Users\conno_000\AppData\Local\Temp\ESEADriver2.sys [121552 2014-07-02] ()
    R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
    R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
    R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
    S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-25] (Microsoft Corporation)
    S3 Delldiag; \??\C:\__de11ctstestfolder20120wdcsa__\WBT\WBT_W64\DDDriver.sys [X]
    S1 lmimirr; \SystemRoot\system32\DRIVERS\lmimirr.sys [X]
    S3 TDKLIB; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-07-03 17:14 - 2014-07-03 17:15 - 00020792 _____ () C:\Users\conno_000\Downloads\FRST.txt
    2014-07-03 17:13 - 2014-07-03 17:13 - 02083840 _____ (Farbar) C:\Users\conno_000\Downloads\FRST64.exe
    2014-07-02 22:52 - 2014-07-02 22:52 - 00003140 _____ () C:\Windows\System32\Tasks\{43B14DE3-9C98-48B7-BA18-05F785438CC3}
    2014-07-02 22:46 - 2014-07-02 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-07-02 15:32 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-07-02 15:31 - 2014-07-02 15:34 - 00000000 ____D () C:\AdwCleaner
    2014-07-02 15:19 - 2014-07-03 17:14 - 00000000 ____D () C:\FRST
    2014-07-02 14:29 - 2014-07-02 15:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-07-02 14:29 - 2014-07-02 14:29 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-07-02 14:29 - 2014-07-02 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-07-02 14:28 - 2014-07-02 14:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-02 14:28 - 2014-07-02 14:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-07-02 14:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-07-02 14:28 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-07-02 14:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-07-01 20:43 - 2014-07-01 20:43 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Celavimus
    2014-07-01 20:37 - 2014-07-01 20:43 - 00001203 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
    2014-07-01 20:37 - 2014-07-01 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
    2014-07-01 20:37 - 2014-07-01 20:37 - 00000000 ____D () C:\Program Files (x86)\CEVO
    2014-06-30 20:43 - 2014-06-30 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000944 _____ () C:\Users\conno_000\Desktop\ESEA Client.lnk
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000000 ____D () C:\Program Files\ESEA
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001830 _____ () C:\Users\conno_000\Desktop\Spotify.lnk
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001816 _____ () C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2014-06-28 20:49 - 2014-07-02 14:14 - 00000000 ____D () C:\Users\conno_000\Documents\FIFA 14
    2014-06-28 19:19 - 2014-06-28 19:19 - 00003136 _____ () C:\Windows\System32\Tasks\Origin
    2014-06-28 15:46 - 2014-06-28 19:05 - 00000000 ____D () C:\Users\conno_000\Desktop\Games
    2014-06-26 19:21 - 2014-06-26 19:21 - 00000017 _____ () C:\Users\conno_000\AppData\Local\resmon.resmoncfg
    2014-06-24 20:14 - 2014-06-30 20:40 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Spotify
    2014-06-24 20:14 - 2014-06-30 20:35 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Spotify
    2014-06-23 23:02 - 2014-06-23 23:02 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
    2014-06-19 15:59 - 2014-07-02 14:59 - 00000000 ____D () C:\Users\joann_000.CONNORSPC
    2014-06-10 17:21 - 2014-06-10 17:21 - 00000000 ____D () C:\Program Files\CEVO
    2014-06-08 23:17 - 2014-03-05 07:46 - 00765824 _____ (Razer USA Ltd) C:\Windows\SysWOW64\RzMwApi.dll
    2014-06-06 23:54 - 2014-06-06 23:54 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard
    2014-06-06 23:45 - 2014-06-28 17:46 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
    2014-06-06 23:45 - 2014-06-06 23:45 - 00001189 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
    2014-06-06 23:45 - 2014-06-06 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
    2014-06-06 23:41 - 2014-06-28 18:23 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Battle.net
    2014-06-06 23:41 - 2014-06-25 00:18 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Battle.net
    2014-06-06 23:41 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard Entertainment
    2014-06-06 23:40 - 2014-06-28 18:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
    2014-06-06 23:38 - 2014-06-06 23:38 - 00000000 ____D () C:\ProgramData\Battle.net

    ==================== One Month Modified Files and Folders =======

    2014-07-03 17:15 - 2014-07-03 17:14 - 00020792 _____ () C:\Users\conno_000\Downloads\FRST.txt
    2014-07-03 17:14 - 2014-07-02 15:19 - 00000000 ____D () C:\FRST
    2014-07-03 17:13 - 2014-07-03 17:13 - 02083840 _____ (Farbar) C:\Users\conno_000\Downloads\FRST64.exe
    2014-07-03 17:11 - 2013-07-09 17:04 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2100282219-3180197948-4272881602-1005
    2014-07-03 17:09 - 2012-07-26 03:28 - 00005598 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-07-03 17:07 - 2013-07-19 19:12 - 00000000 ____D () C:\Users\conno_000\AppData\Local\LogMeIn Hamachi
    2014-07-03 17:07 - 2013-07-09 17:10 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-07-03 17:06 - 2013-07-09 17:02 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-07-03 17:06 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
    2014-07-03 14:49 - 2013-10-28 20:59 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\TS3Client
    2014-07-03 14:44 - 2013-07-09 17:02 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-07-03 14:16 - 2014-01-09 18:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-07-03 13:07 - 2013-10-19 14:52 - 00000000 ____D () C:\Games
    2014-07-03 13:05 - 2013-10-21 15:26 - 00000000 ____D () C:\ProgramData\Sony
    2014-07-03 13:03 - 2013-10-14 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX Essential Plus Overdrive
    2014-07-03 13:00 - 2013-07-09 19:25 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2014-07-03 12:56 - 2013-10-20 19:12 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Adobe
    2014-07-02 23:14 - 2013-10-13 14:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
    2014-07-02 23:13 - 2013-06-27 14:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-07-02 22:53 - 2013-09-14 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
    2014-07-02 22:52 - 2014-07-02 22:52 - 00003140 _____ () C:\Windows\System32\Tasks\{43B14DE3-9C98-48B7-BA18-05F785438CC3}
    2014-07-02 22:51 - 2013-08-31 00:33 - 00000000 ____D () C:\Users\conno_000\Documents\My Games
    2014-07-02 22:49 - 2013-09-06 22:10 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
    2014-07-02 22:49 - 2013-07-09 16:58 - 00000000 ____D () C:\Users\conno_000
    2014-07-02 22:46 - 2014-07-02 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-07-02 22:43 - 2014-03-02 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
    2014-07-02 22:43 - 2013-10-20 19:12 - 00000000 ____D () C:\ProgramData\Adobe
    2014-07-02 22:41 - 2013-07-20 15:43 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\uTorrent
    2014-07-02 22:37 - 2013-12-10 12:49 - 00000000 ____D () C:\Users\conno_000\Downloads\Kick-Ass 2 (2013) [1080p]
    2014-07-02 15:35 - 2013-06-27 14:16 - 00146938 _____ () C:\Windows\PFRO.log
    2014-07-02 15:35 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-07-02 15:35 - 2012-07-26 01:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
    2014-07-02 15:34 - 2014-07-02 15:31 - 00000000 ____D () C:\AdwCleaner
    2014-07-02 15:34 - 2013-09-01 15:32 - 00001067 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-07-02 15:34 - 2013-07-09 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-07-02 15:34 - 2013-07-09 16:58 - 00000999 _____ () C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-07-02 15:07 - 2014-07-02 14:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-07-02 15:01 - 2014-01-27 13:53 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
    2014-07-02 15:00 - 2013-07-09 16:58 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Adobe
    2014-07-02 15:00 - 2012-07-26 04:12 - 00000000 __RSD () C:\Windows\Media
    2014-07-02 14:59 - 2014-06-19 15:59 - 00000000 ____D () C:\Users\joann_000.CONNORSPC
    2014-07-02 14:59 - 2013-07-09 16:41 - 00000000 ____D () C:\Users\joann_000
    2014-07-02 14:29 - 2014-07-02 14:29 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-07-02 14:29 - 2014-07-02 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-07-02 14:29 - 2014-07-02 14:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-02 14:28 - 2014-07-02 14:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-07-02 14:14 - 2014-06-28 20:49 - 00000000 ____D () C:\Users\conno_000\Documents\FIFA 14
    2014-07-01 20:43 - 2014-07-01 20:43 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Celavimus
    2014-07-01 20:43 - 2014-07-01 20:37 - 00001203 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
    2014-07-01 20:43 - 2014-07-01 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
    2014-07-01 20:37 - 2014-07-01 20:37 - 00000000 ____D () C:\Program Files (x86)\CEVO
    2014-07-01 14:40 - 2013-10-21 21:29 - 00000000 ____D () C:\Users\conno_000\AppData\Local\CrashDumps
    2014-06-30 20:43 - 2014-06-30 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    2014-06-30 20:43 - 2014-01-02 21:57 - 00000928 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
    2014-06-30 20:43 - 2013-07-19 19:12 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
    2014-06-30 20:41 - 2013-12-14 12:47 - 04955952 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-06-30 20:40 - 2014-06-24 20:14 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Spotify
    2014-06-30 20:35 - 2014-06-24 20:14 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Spotify
    2014-06-30 12:30 - 2013-06-27 14:20 - 01716340 _____ () C:\Windows\WindowsUpdate.log
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000944 _____ () C:\Users\conno_000\Desktop\ESEA Client.lnk
    2014-06-29 22:49 - 2014-06-29 22:49 - 00000000 ____D () C:\Program Files\ESEA
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001830 _____ () C:\Users\conno_000\Desktop\Spotify.lnk
    2014-06-28 23:59 - 2014-06-28 23:59 - 00001816 _____ () C:\Users\conno_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2014-06-28 21:35 - 2013-06-27 14:47 - 00189274 _____ () C:\Windows\DPINST.LOG
    2014-06-28 21:34 - 2013-12-20 13:46 - 00000000 ____D () C:\Program Files (x86)\Razer
    2014-06-28 21:33 - 2013-12-20 13:47 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Razer
    2014-06-28 21:31 - 2013-12-20 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
    2014-06-28 20:58 - 2013-09-04 22:04 - 00000000 ____D () C:\ProgramData\Origin
    2014-06-28 20:58 - 2013-09-04 22:04 - 00000000 ____D () C:\Program Files (x86)\Origin
    2014-06-28 19:19 - 2014-06-28 19:19 - 00003136 _____ () C:\Windows\System32\Tasks\Origin
    2014-06-28 19:19 - 2013-09-04 22:05 - 00000000 ___HD () C:\Users\conno_000\AppData\Roaming\Origin
    2014-06-28 19:05 - 2014-06-28 15:46 - 00000000 ____D () C:\Users\conno_000\Desktop\Games
    2014-06-28 18:43 - 2014-04-16 20:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15
    2014-06-28 18:39 - 2013-07-09 17:02 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-06-28 18:39 - 2013-07-09 17:02 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-06-28 18:25 - 2013-09-26 18:58 - 00000000 ____D () C:\Users\conno_000\Documents\FIFA 13
    2014-06-28 18:23 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\Battle.net
    2014-06-28 18:23 - 2013-09-24 17:16 - 00000000 ____D () C:\Users\conno_000\AppData\Roaming\DVDVideoSoft
    2014-06-28 18:22 - 2013-08-28 01:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder
    2014-06-28 18:21 - 2013-09-24 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
    2014-06-28 18:14 - 2014-06-06 23:40 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-06-28 18:01 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\registration
    2014-06-28 17:51 - 2013-12-20 13:46 - 00000000 ____D () C:\ProgramData\Razer
    2014-06-28 17:46 - 2014-06-06 23:45 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
    2014-06-28 17:46 - 2013-10-26 15:53 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
    2014-06-28 17:45 - 2014-05-21 12:56 - 00000000 __RHD () C:\MSOCache
    2014-06-26 19:21 - 2014-06-26 19:21 - 00000017 _____ () C:\Users\conno_000\AppData\Local\resmon.resmoncfg
    2014-06-26 11:16 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
    2014-06-26 00:05 - 2013-07-20 15:52 - 00579584 ___SH () C:\Users\conno_000\Desktop\Thumbs.db
    2014-06-25 00:18 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Battle.net
    2014-06-23 23:02 - 2014-06-23 23:02 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
    2014-06-22 23:33 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
    2014-06-22 23:33 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
    2014-06-21 18:14 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\LiveKernelReports
    2014-06-10 17:21 - 2014-06-10 17:21 - 00000000 ____D () C:\Program Files\CEVO
    2014-06-06 23:54 - 2014-06-06 23:54 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard
    2014-06-06 23:45 - 2014-06-06 23:45 - 00001189 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
    2014-06-06 23:45 - 2014-06-06 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
    2014-06-06 23:41 - 2014-06-06 23:41 - 00000000 ____D () C:\Users\conno_000\AppData\Local\Blizzard Entertainment
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2014-06-06 23:40 - 2014-06-06 23:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
    2014-06-06 23:38 - 2014-06-06 23:38 - 00000000 ____D () C:\ProgramData\Battle.net

    Files to move or delete:
    ====================
    C:\Users\conno_000\AppData\Roaming\CamLayout.ini
    C:\Users\conno_000\AppData\Roaming\CamShapes.ini
    C:\Users\conno_000\AppData\Roaming\CamStudio.Producer.Data.ini
    C:\Users\conno_000\AppData\Roaming\Origin\update.vbe


    Some content of TEMP:
    ====================
    C:\Users\conno_000\AppData\Local\Temp\DDDInstallManager.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer.exe
    C:\Users\conno_000\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-11-g81cb6e3-b2852jnks.dll
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-jenkins-CraftBukkit-173.dll
    C:\Users\conno_000\AppData\Local\Temp\libcurl.dll
    C:\Users\conno_000\AppData\Local\Temp\libeay32.dll
    C:\Users\conno_000\AppData\Local\Temp\libidn-11.dll
    C:\Users\conno_000\AppData\Local\Temp\librtmp.dll
    C:\Users\conno_000\AppData\Local\Temp\libssh2.dll
    C:\Users\conno_000\AppData\Local\Temp\libusb-1.0.dll
    C:\Users\conno_000\AppData\Local\Temp\LiveUpdater.exe
    C:\Users\conno_000\AppData\Local\Temp\mpa03712.exe
    C:\Users\conno_000\AppData\Local\Temp\nsz3687.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\Quarantine.exe
    C:\Users\conno_000\AppData\Local\Temp\safeguard.exe
    C:\Users\conno_000\AppData\Local\Temp\Setup-Wacom.exe
    C:\Users\conno_000\AppData\Local\Temp\sonarinst.exe
    C:\Users\conno_000\AppData\Local\Temp\ssleay32.dll
    C:\Users\conno_000\AppData\Local\Temp\swt-win32-3349.dll
    C:\Users\conno_000\AppData\Local\Temp\tbSwee.dll
    C:\Users\conno_000\AppData\Local\Temp\u59kb_lc.dll
    C:\Users\conno_000\AppData\Local\Temp\ubi43D9.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\ubiA19.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\ubiE28E.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\unins000.exe
    C:\Users\conno_000\AppData\Local\Temp\update.exe
    C:\Users\conno_000\AppData\Local\Temp\xmlUpdater.exe
    C:\Users\conno_000\AppData\Local\Temp\zlib1.dll


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-06-29 12:30

    ==================== End Of Log ============================


    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
    Ran by conno_000 at 2014-07-03 17:15:36
    Running from C:\Users\conno_000\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    altPUG (HKLM-x32\...\{4FC41018-ABBF-47A0-B917-2DA88C04DA7D}) (Version: 1.2 - altPUG LLC)
    APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
    Arma 2 (HKLM-x32\...\Steam App 33900) (Version: - Bohemia Interactive)
    Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
    Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
    Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
    Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)
    Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
    BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
    Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
    Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
    Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
    Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version: - Treyarch)
    CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
    CEVO Paladin (0.5.0.0) (HKLM\...\cmn_cevo_is1) (Version: 0.5.0.0 - CEVO)
    Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
    Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
    Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.214 - ALPS ELECTRIC CO., LTD.)
    EPSON Artisan 837 Series Printer Uninstall (HKLM\...\EPSON Artisan 837 Series) (Version: - SEIKO EPSON Corporation)
    ESEA Client (HKCU\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
    FileZilla Client 3.7.1.1 (HKCU\...\FileZilla Client) (Version: 3.7.1.1 - Tim Kosse)
    Free Audio Converter version 5.0.28.827 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.28.827 - DVDVideoSoft Ltd.)
    Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2013 FreeSoundRecorder Technologies, Inc.)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
    GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
    Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
    Goat Simulator Development Kit (HKLM-x32\...\Steam App 285710) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
    Intel(R) Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
    Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
    Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
    Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
    Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
    League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
    League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
    Leetway Client (HKLM-x32\...\{667124BE-B9E1-4E5A-A0F5-4313C6A8A5C2}) (Version: 1 - Leetway Inc.)
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
    LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4623.1003 - Microsoft Corporation)
    Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
    Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
    MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
    MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.45.6 - Black Tree Gaming)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.2 - Notepad++ Team)
    NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
    NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
    NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
    NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
    NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
    Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
    Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
    PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
    Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.3.6 - PowerUp Software)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.37 - Dell Inc.)
    QuickShare (HKLM-x32\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
    Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
    Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.13 - Razer Inc.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
    REX Essential Plus Overdrive (HKLM-x32\...\{9F30A684-44DC-4BDF-89ED-70F9021B851F}) (Version: 3.5.2012.1029 - REX Game Studios)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
    Setup - FIFA 14 Ultimate Edition ... (HKLM-x32\...\Setup - FIFA 14 Ultimate Edition ...) (Version: ... - Electronic Arts)
    SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
    SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
    Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
    Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)
    Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
    Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
    Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
    Uplay (HKLM-x32\...\Uplay) (Version: 3.2 - Ubisoft)
    VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
    Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
    War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
    WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
    WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
    Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)

    ==================== Restore Points =========================

    28-06-2014 20:25:01 cleaning viruses
    28-06-2014 21:37:46 Restore Operation
    03-07-2014 02:44:56 Removed Adobe Help Manager

    ==================== Hosts content: ==========================

    2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {0626CA07-403A-4127-A073-8FE596E3F069} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
    Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
    Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
    Task: {370DF13C-227A-4E8A-9498-C80DA3632324} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.)
    Task: {3870269C-A753-41CE-9470-A3543CA5ED69} - System32\Tasks\Origin => C:\Users\conno_000\AppData\Roaming\Origin\update.vbe [2014-06-28] () <==== ATTENTION
    Task: {65E7E9E0-C2DA-4DAF-A44A-976609790CEF} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
    Task: {7E5F1297-E3C2-482E-AFBA-EB37D63B5311} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-09] (Google Inc.)
    Task: {8C258852-C5BA-4030-9F3A-6EE52273E3D6} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-connormer@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: {974EEE2D-FB52-4D85-8945-FC1F548F1088} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
    Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
    Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
    Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-04-16 20:11 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2014-04-16 20:11 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
    2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    2013-10-01 16:56 - 2014-03-04 10:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2013-06-27 14:26 - 2014-03-04 09:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-06-28 18:42 - 2014-06-28 18:42 - 08890536 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2012-06-18 11:24 - 2012-06-18 11:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
    2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
    2013-06-26 22:33 - 2013-04-02 16:42 - 00176024 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
    2014-03-09 15:45 - 2013-12-04 12:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
    2013-06-26 22:36 - 2012-10-26 14:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2014-07-02 15:05 - 2014-07-03 17:07 - 00645646 _____ () C:\Windows\Temp\svchost.exe
    2014-04-05 18:59 - 2014-04-05 18:59 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\4f91b7d6b3821366470574294553d6ce\PSIClient.ni.dll
    2013-06-27 14:46 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2014-05-26 16:23 - 2014-05-30 21:27 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
    2014-05-26 16:23 - 2014-05-30 21:27 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
    2014-05-15 16:35 - 2014-05-30 21:27 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
    2014-05-15 16:35 - 2014-05-30 21:27 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
    2014-05-15 16:35 - 2014-06-26 18:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2014-05-26 16:23 - 2014-06-30 17:47 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
    2014-05-26 16:23 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
    2014-05-15 16:35 - 2014-06-30 17:46 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2014-05-15 16:35 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
    2014-05-15 16:35 - 2013-06-14 19:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
    2014-05-15 16:35 - 2013-06-14 19:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
    2014-05-15 16:35 - 2013-06-14 19:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
    2013-10-01 16:56 - 2014-03-04 10:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    2014-06-29 11:25 - 2014-07-03 17:07 - 00279955 _____ () C:\Windows\Temp\libidn-11.dll
    2014-06-29 11:25 - 2014-07-03 17:07 - 00084992 _____ () C:\Windows\Temp\zlib1.dll
    2013-06-27 16:12 - 2013-06-27 16:12 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
    2014-06-28 23:45 - 2014-06-05 09:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
    AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

    ==================== Safe Mode (whitelisted) ===================

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) =============


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    HKLM\...\StartupApproved\Run32: => "Razer Synapse"
    HKCU\...\StartupApproved\StartupFolder: => "Intel(R) Turbo Boost Technology Monitor 2.6.lnk"
    HKCU\...\StartupApproved\Run: => "uTorrent"
    HKCU\...\StartupApproved\Run: => "Clownfish"

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/03/2014 05:09:56 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost (1708) {3E8F952C-D92F-4047-BFB5-E5BB159404B7}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/03/2014 05:09:56 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: SettingSyncHost (1708) {3E8F952C-D92F-4047-BFB5-E5BB159404B7}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

    Error: (07/03/2014 05:09:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (07/03/2014 05:09:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (07/03/2014 05:08:08 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost (224) {EB4D74AC-8780-4364-A25D-6FFF06B20927}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/03/2014 05:08:08 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost (224) {EB4D74AC-8780-4364-A25D-6FFF06B20927}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

    Error: (07/03/2014 00:57:55 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost (4308) {D3955C7F-A818-45A0-A1E9-859700E91E48}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/03/2014 00:57:55 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost (4308) {D3955C7F-A818-45A0-A1E9-859700E91E48}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

    Error: (07/03/2014 00:57:37 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost (8920) {FB4F84A0-04BF-4CD8-B943-D32BE9305D05}: Database recovery/restore failed with unexpected error -1216.

    Error: (07/03/2014 00:57:37 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: SettingSyncHost (8920) {FB4F84A0-04BF-4CD8-B943-D32BE9305D05}: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.


    System errors:
    =============
    Error: (07/03/2014 00:55:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Steam Client Service service failed to start due to the following error:
    %%1053

    Error: (07/03/2014 00:55:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

    Error: (07/02/2014 03:36:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (07/02/2014 03:01:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/30/2014 08:43:15 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
    Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

    Error: (06/30/2014 08:42:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/30/2014 08:41:34 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 12:22:57 PM on ‎6/‎30/‎2014 was unexpected.

    Error: (06/29/2014 04:22:15 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable

    Error: (06/29/2014 04:07:14 PM) (Source: DCOM) (EventID: 10016) (User: CONNORSPC)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ConnorsPCconno_000S-1-5-21-2100282219-3180197948-4272881602-1005LocalHost (Using LRPC)UnavailableUnavailable


    Microsoft Office Sessions:
    =========================
    Error: (07/03/2014 05:09:56 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost1708{3E8F952C-D92F-4047-BFB5-E5BB159404B7}: -1216

    Error: (07/03/2014 05:09:56 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: SettingSyncHost1708{3E8F952C-D92F-4047-BFB5-E5BB159404B7}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb

    Error: (07/03/2014 05:09:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: WmiApRplWmiApRpl8F2030000E5050000

    Error: (07/03/2014 05:09:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance163707000000000000000000008F020000

    Error: (07/03/2014 05:08:08 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost224{EB4D74AC-8780-4364-A25D-6FFF06B20927}: -1216

    Error: (07/03/2014 05:08:08 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost224{EB4D74AC-8780-4364-A25D-6FFF06B20927}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb

    Error: (07/03/2014 00:57:55 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: taskhost4308{D3955C7F-A818-45A0-A1E9-859700E91E48}: -1216

    Error: (07/03/2014 00:57:55 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: taskhost4308{D3955C7F-A818-45A0-A1E9-859700E91E48}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb

    Error: (07/03/2014 00:57:37 PM) (Source: ESENT) (EventID: 454) (User: )
    Description: SettingSyncHost8920{FB4F84A0-04BF-4CD8-B943-D32BE9305D05}: -1216

    Error: (07/03/2014 00:57:37 PM) (Source: ESENT) (EventID: 494) (User: )
    Description: SettingSyncHost8920{FB4F84A0-04BF-4CD8-B943-D32BE9305D05}: -1216C:\Users\conno_000\AppData\Local\Microsoft\Windows\Live\Roaming\LocalSync\meta.edb


    ==================== Memory info ===========================

    Percentage of memory in use: 28%
    Total physical RAM: 8048.88 MB
    Available physical RAM: 5764.73 MB
    Total Pagefile: 9264.88 MB
    Available Pagefile: 6950.19 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:930.37 GB) (Free:488.34 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 932 GB) (Disk ID: B2CF82E0)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================
     
    Connor Merenda, Jul 3, 2014
    #11
  13. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Connor,

    Thank you for your understanding.
    Most sites have a policy of not helping when illegal software is involved.
    This is because a lot of staff have connections to software vendors and it doesn't look very good if we are seen to condone the use of illegal software.
    Plus from a legal point of view it's not good standing for our site.
    It's also a good source of malware.... by adding malware to the download, the bad guys get you to infect your system for them.


    Step 1
    Please uninstall QuickShare
    QuickShare is an adware program that displays coupons, advertisements and sponsored links via a pop-up box on Google, Youtube, Amazon, Facebook and other websites that you are visiting.


    Step 2
    Please download the attached fixlist.txt file (bottom of this post) and save it to: C:\Users\conno_000\Downloads.
    NOTE.
    It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system

    Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

    2cf1672fdd2151dad6f349c704143429.png

    The tool will make a log in the Download folder (Fixlog.txt). Please post this in your next reply.


    Step 3
    Java 7 Update 51

    Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
    • Download the latest version of Java Runtime Environment (JRE) 8 Update 5 and save it to your desktop.
    • Scroll down to where it says "Java SE 8 Update 5".
    • Click the "Download JRE " button.
    • Accept the license agreement.
    • select 'Windows x64.exe' from the list.
    • Save the file to your desktop.
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
    • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button.
    • Repeat as many times as necessary to remove each Java versions.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on downloaded icon to install the newest version.

    Step 4
    We need to remove some entries from Google Chrome.
    With Chrome it's best to let the program itself deal with these.

    To reset Google Chrome
    • Click the Menu option button at the top right of the Google Chrome screen
    • Select Settings.
    • Click Show advanced settings and find the "Reset browser settings” section.
    • Click Reset browser settings.
    • In the dialogue that appears, click Reset. Note: When the "Help make Google Chrome better by reporting the current settings" tick box is selected you are anonymously sending Google your Chrome settings. Reporting these settings allows us to analyse trends and work to prevent future unwanted settings changes.

    Resetting your browser settings will impact the settings below:

    Default search engine and saved search engines will be reset and to their original defaults.
    Homepage button will be hidden and the URL that you previously set will be removed.
    Default startup tabs will be cleared. The browser will show a new tab when you startup or continue where you left off if you're on a Chromebook.
    New Tab page will be empty unless you have a version of Chrome with an extension that controls it. In that case your page may be preserved.
    Pinned tabs will be unpinned.
    Content settings will be cleared and reset to their installation defaults.
    Cookies and site data will be cleared.
    Extensions and themes will be disabled.


    Step 5
    Download TFC by OldTimer to your desktop
    • Please double-click TFC.exe to run it. (Note: If you are running on Vista/Win7/Win8, right-click on the file and choose Run As Administrator).
    • It will close all programs when run, so make sure you have saved all your work before you begin.
    • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
    • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


    In your next reply, please submit:
    Fixlog.txt
    and let me know how the system is running now.
    Plus, let me know of any problems with any of the steps.


    Thanks.
     

    Attached Files:

    starbuck, Jul 3, 2014
    #12
  14. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    All the steps worked flawlessly! I went into areas in my game where frame rate has been bad lately and seems to be alot better! I will let you know if any issues occur. Here is the fixlog from FRST. Also let me know if there is anything else that the fixlog didn't catch that I should take off my computer.

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-07-2014
    Ran by conno_000 at 2014-07-03 18:53:32 Run:1
    Running from C:\Users\conno_000\Downloads
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    () C:\Windows\Temp\svchost.exe
    HKLM-x32\...\Run: [] => [X]
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: E - "E:\setup.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {ad6129df-df55-11e2-be66-806e6f6e6963} - "D:\Special_Offers_from_SPHE_PC.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {d902d522-22e1-11e3-bedb-84a6c8ec019d} - "F:\Autorun.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {d902d561-22e1-11e3-bedb-84a6c8ec019d} - "F:\Autorun.exe"
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\...\MountPoints2: {ef3ac475-fbcb-11e2-be86-84a6c8ec019d} - "F:\VZW_Software_upgrade_assistant.exe"
    ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    SearchScopes: HKLM-x32 - DefaultScope value is missing.
    S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [89944 2013-12-31] (EasyAntiCheat Ltd)
    S3 Delldiag; \??\C:\__de11ctstestfolder20120wdcsa__\WBT\WBT_W64\DDDriver.sys [X]
    S1 lmimirr; \SystemRoot\system32\DRIVERS\lmimirr.sys [X]
    S3 TDKLIB; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]
    C:\Users\conno_000\AppData\Roaming\CamLayout.ini
    C:\Users\conno_000\AppData\Roaming\CamShapes.ini
    C:\Users\conno_000\AppData\Roaming\CamStudio.Producer.Data.ini
    C:\Users\conno_000\AppData\Roaming\Origin\update.vbe
    C:\Users\conno_000\AppData\Local\Temp\DDDInstallManager.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer.exe
    C:\Users\conno_000\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-11-g81cb6e3-b2852jnks.dll
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-jenkins-CraftBukkit-173.dll
    C:\Users\conno_000\AppData\Local\Temp\libcurl.dll
    C:\Users\conno_000\AppData\Local\Temp\libeay32.dll
    C:\Users\conno_000\AppData\Local\Temp\libidn-11.dll
    C:\Users\conno_000\AppData\Local\Temp\librtmp.dll
    C:\Users\conno_000\AppData\Local\Temp\libssh2.dll
    C:\Users\conno_000\AppData\Local\Temp\libusb-1.0.dll
    C:\Users\conno_000\AppData\Local\Temp\LiveUpdater.exe
    C:\Users\conno_000\AppData\Local\Temp\mpa03712.exe
    C:\Users\conno_000\AppData\Local\Temp\nsz3687.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\Quarantine.exe
    C:\Users\conno_000\AppData\Local\Temp\safeguard.exe
    C:\Users\conno_000\AppData\Local\Temp\Setup-Wacom.exe
    C:\Users\conno_000\AppData\Local\Temp\sonarinst.exe
    C:\Users\conno_000\AppData\Local\Temp\ssleay32.dll
    C:\Users\conno_000\AppData\Local\Temp\swt-win32-3349.dll
    C:\Users\conno_000\AppData\Local\Temp\tbSwee.dll
    C:\Users\conno_000\AppData\Local\Temp\u59kb_lc.dll
    C:\Users\conno_000\AppData\Local\Temp\ubi43D9.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\ubiA19.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\ubiE28E.tmp.exe
    C:\Users\conno_000\AppData\Local\Temp\unins000.exe
    C:\Users\conno_000\AppData\Local\Temp\update.exe
    C:\Users\conno_000\AppData\Local\Temp\xmlUpdater.exe
    C:\Users\conno_000\AppData\Local\Temp\zlib1.dll
    Task: {3870269C-A753-41CE-9470-A3543CA5ED69} - System32\Tasks\Origin => C:\Users\conno_000\AppData\Roaming\Origin\update.vbe [2014-06-28] () <==== ATTENTION
    2014-07-02 15:05 - 2014-07-03 17:07 - 00645646 _____ () C:\Windows\Temp\svchost.exe
    2014-07-02 22:52 - 2014-07-02 22:52 - 00003140 _____ () C:\Windows\System32\Tasks\{43B14DE3-9C98-48B7-BA18-05F785438CC3}
    C:\Program Files (x86)\EasyAntiCheat
    Hosts:
    Reboot:



    *****************

    [6448] C:\Windows\Temp\svchost.exe => Process closed successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value deleted successfully.
    HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
    'HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2100282219-3180197948-4272881602-1005'=> Key not found.
    'HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad6129df-df55-11e2-be66-806e6f6e6963}' => Key deleted successfully.
    'HKCR\CLSID\{ad6129df-df55-11e2-be66-806e6f6e6963}'=> Key not found.
    'HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d902d522-22e1-11e3-bedb-84a6c8ec019d}' => Key deleted successfully.
    'HKCR\CLSID\{d902d522-22e1-11e3-bedb-84a6c8ec019d}'=> Key not found.
    'HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d902d561-22e1-11e3-bedb-84a6c8ec019d}' => Key deleted successfully.
    'HKCR\CLSID\{d902d561-22e1-11e3-bedb-84a6c8ec019d}'=> Key not found.
    'HKU\S-1-5-21-2100282219-3180197948-4272881602-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef3ac475-fbcb-11e2-be86-84a6c8ec019d}' => Key deleted successfully.
    'HKCR\CLSID\{ef3ac475-fbcb-11e2-be86-84a6c8ec019d}'=> Key not found.
    'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1'=> Key not found.
    'HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
    'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2'=> Key not found.
    'HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
    'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3'=> Key not found.
    'HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
    'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1'=> Key not found.
    'HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
    'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2'=> Key not found.
    'HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
    'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3'=> Key not found.
    'HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    EasyAntiCheat => Service deleted successfully.
    Delldiag => Service deleted successfully.
    lmimirr => Service deleted successfully.
    TDKLIB => Service deleted successfully.
    "C:\Users\conno_000\AppData\Roaming\CamLayout.ini" => File/Directory not found.
    "C:\Users\conno_000\AppData\Roaming\CamShapes.ini" => File/Directory not found.
    "C:\Users\conno_000\AppData\Roaming\CamStudio.Producer.Data.ini" => File/Directory not found.
    C:\Users\conno_000\AppData\Roaming\Origin\update.vbe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\DDDInstallManager.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-1.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-2.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer-3.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-11-g81cb6e3-b2852jnks.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\jansi-64-git-Bukkit-jenkins-CraftBukkit-173.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\libcurl.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\libeay32.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\libidn-11.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\librtmp.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\libssh2.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\libusb-1.0.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\LiveUpdater.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\mpa03712.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\nsz3687.tmp.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\Quarantine.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\safeguard.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\Setup-Wacom.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\sonarinst.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\ssleay32.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\swt-win32-3349.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\tbSwee.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\u59kb_lc.dll => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\ubi43D9.tmp.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\ubiA19.tmp.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\ubiE28E.tmp.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\unins000.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\update.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\xmlUpdater.exe => Moved successfully.
    C:\Users\conno_000\AppData\Local\Temp\zlib1.dll => Moved successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3870269C-A753-41CE-9470-A3543CA5ED69}' => Key deleted successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3870269C-A753-41CE-9470-A3543CA5ED69}' => Key deleted successfully.
    C:\Windows\System32\Tasks\Origin => Moved successfully.
    'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin' => Key deleted successfully.
    C:\Windows\Temp\svchost.exe => Moved successfully.
    C:\Windows\System32\Tasks\{43B14DE3-9C98-48B7-BA18-05F785438CC3} => Moved successfully.
    C:\Program Files (x86)\EasyAntiCheat => Moved successfully.
    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.


    The system needed a reboot.

    ==== End of Fixlog ====
     
    Connor Merenda, Jul 3, 2014
    #13
  15. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    My frame rate was good for an hour but now it is back to being bad.
     
    Connor Merenda, Jul 3, 2014
    #14
  16. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Connor,

    I'd like you to do an ESET OnlineScan
    64Bit users, please see note at the bottom.

    You may find it beneficial to close your resident AV program before running the scan.

    It's been found that on some systems the Eset's Online Scan fails during the database download ( around 20% )
    To prevent this happening:
    When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked):

    Enable Anti-Stealth technology

    9be2a7734ccc4d2fa4b41730731e62da.png

    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    • Click the [​IMG] button.
    • If asked, allow the activex control to install
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on [​IMG] to download the ESET Smart Installer.
        Save it to your desktop.
      • Double click on the [​IMG] icon on your desktop.
    • Check [​IMG]
    • Click the [​IMG] button.
    • Accept any security warnings from your browser.
    • Check [​IMG]
    • Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
    • Click the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push [​IMG]
    • Click [​IMG], and save the file to your desktop using a unique name, such as ESETScan.
      Include the contents of this report in your next reply.
    • Click the [​IMG] button.
    • Click [​IMG]
    A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

    Note:
    As you are running a 64bit system:
    The ESET Online Scanner is a 32-bit application, which means it must be run through in the 32-bit version of Internet Explorer, and as an Administrator. To do so, right-click on the Internet Explorer (32-bit) icon in the Start Menu and select "Run as administrator" from the context menu.
    Or you can use Firefox or Google Chrome as both should be a 32bit version.
     
    starbuck, Jul 4, 2014
    #15
  17. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    I did the scan and it found 15 threats and removed all of them. Unfortunately I forgot to export the txt file and I have no log. Let me know what I need to do now!
     
    Connor Merenda, Jul 4, 2014
    #16
  18. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Take a look here:
    C:\Program Files\ESET\ESET Online Scanner\log.txt

    is there a copy of the report saved?
     
    starbuck, Jul 4, 2014
    #17
  19. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    No, there is nothing there either.
     
    Connor Merenda, Jul 4, 2014
    #18
  20. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    So we don't know if the items that were removed, were something that had been missed before or items that had already been dealt with and were found in the quarantine folders.
    Eset will check any quarantine folders.

    As MBAM found a lot of stuff to start with, let's run an updated scan..... but we'll look a little deeper this time.
    Just to be on the safe side.

    MBAM Threat scan + Rootkit scan

    • Click the Settings tab >> Detection and Protection >> Detection Options, tick the box 'Scan for rootkits'.
    • Click on the Scan tab,

      7a688307680996180ff281455881fc23.png
    • Click on Scan Now . You will be warned if an update is available.... click the Update Now button.
    • A Threat/Rootkit Scan will begin.
    • With some infections, you may see this message box.
    'Could not load DDA driver'
    • Click 'Yes' to this message, to allow the driver to load after a restart.
    • Allow the computer to restart. Continue with the rest of these instructions.
    • When the scan is complete, click Apply Actions.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    (Copy to clipboard for pasting into forum replies)

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab >> Application Logs.

      1a5647095386d381fc1a2a2958419905.png
    • Double click on the scan log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'

      659074db5778e497b12fcc667ed9d26a.png
    • Paste the contents of the clipboard into your reply.
     
    starbuck, Jul 5, 2014
    #19
  21. Connor Merenda

    Connor Merenda Registered Members

    Joined:
    Jul 2, 2014
    Messages:
    13
    Operating System:
    Windows 8
    Here is the log!

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 7/5/2014
    Scan Time: 1:23:43 PM
    Logfile:
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.05.09
    Rootkit Database: v2014.07.03.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8
    CPU: x64
    File System: NTFS
    User: conno_000

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 307112
    Time Elapsed: 13 min, 2 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 1
    PUP.Optional.Conduit.A, C:\Users\conno_000\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://proxy.allsearchapp.com/app/start/", "http://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=7098c80700000000000084a6c8ec019a", "http://search.conduit.com/?ctid=CT3314199&SearchSource=48&CUI=UN28464332818567807&UM=2", "http://www.dosearches.com/?utm_sour...MQ01ABD100_638TTBRYTXX638TTBRYT&ts=1382495301" ],), Replaced,[b76bf2a9a4d7e353c100942f6d970af6]

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
    Connor Merenda, Jul 5, 2014
    #20
Page 1 of 2

Share This Page