Solved Removing Exploit:Java/CVE virus

[Jaykay]

I ran AdwCleaner but can't find the report - I will run it again if I can't trace it ... although it didn't say anything. I also couldn't immediately find the link to aswMBR and will work on that later today and post both scan results to you. In the meantime here's the FRST scan logs:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by John (administrator) on JAYKAYSVAIO on 27-11-2014 10:56:33
Running from C:\Users\John\Downloads
Loaded Profile: John (Available profiles: John)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-01-21] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4484608 2014-01-22] (Research In Motion Limited)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1464336 2014-02-03] (Research In Motion)
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\MountPoints2: {3edd7706-c191-11e3-802b-b8763ff59eea} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBEAFA000D109D001
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms}
SearchScopes: HKU\.DEFAULT -> {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> DefaultScope {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {4BA09C6D-3C77-9D14-BC01-149374DBEC04} URL =
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.10.106\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default
FF DefaultSearchEngine: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Keyword.URL: https://uk.search.yahoo.com/search?fr=mcafee&type=B111GB649D20140729&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\iobitascsurfingprotection@iobit.com [2014-11-18]
FF Extension: Yahoo Community Smartbar - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{dd312948-01f6-4288-9a59-3368f4f55bdf} [2014-07-03]
FF Extension: Adblock Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-08]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-08]
FF HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-10-27]
FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]
Chrome:
=======
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSearchURL: Default -> https://uk.search.yahoo.com/search?fr=mcafee&type=B211GB649D20140729&p={searchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (SiteAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-07-08]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [156904 2014-11-13] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.10.106\McCHSvc.exe [289256 2014-11-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-07] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-01-22] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1309696 2014-01-22] (Research In Motion Limited) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-08-26] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-01-22] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-16] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-28] ()
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]
S0 mferkdet; \SystemRoot\system32\drivers\mferkdet.sys [X]
S3 MFE_RR; \??\C:\Users\John\AppData\Local\Temp\mfe_rr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 10:56 - 2014-11-27 10:56 - 00025960 _____ () C:\Users\John\Downloads\FRST.txt
2014-11-27 10:55 - 2014-11-27 10:56 - 00000000 ____D () C:\FRST
2014-11-27 10:55 - 2014-11-27 10:55 - 02117632 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2014-11-27 10:10 - 2014-11-27 10:11 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141127_101059.log
2014-11-27 10:10 - 2014-11-27 10:10 - 00783120 _____ (McAfee, Inc.) C:\Users\John\Downloads\rootkitremover.exe
2014-11-27 10:08 - 2014-11-27 10:09 - 00000855 _____ () C:\Users\John\Downloads\Stinger_27112014_100816.html
2014-11-27 10:04 - 2014-11-27 10:09 - 00000000 ____D () C:\Program Files\stinger
2014-11-27 10:04 - 2014-11-27 10:06 - 00000978 _____ () C:\Users\John\Downloads\Stinger_27112014_100425.html
2014-11-27 10:03 - 2014-11-27 10:03 - 12484464 _____ (McAfee Inc) C:\Users\John\Downloads\stinger64.exe
2014-11-26 23:21 - 2014-11-26 23:24 - 00000000 ____D () C:\AdwCleaner
2014-11-26 23:15 - 2014-11-26 23:19 - 00000755 _____ () C:\Users\John\Desktop\Start Emsisoft Emergency Kit.lnk
2014-11-26 23:14 - 2014-11-26 23:18 - 00000000 ____D () C:\EEK
2014-11-26 23:13 - 2014-11-26 23:14 - 159691800 _____ () C:\Users\John\Downloads\EmsisoftEmergencyKit.exe
2014-11-26 23:00 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-11-26 22:59 - 2014-11-26 22:59 - 11222744 _____ (SurfRight B.V.) C:\Users\John\Downloads\HitmanPro_x64.exe
2014-11-26 22:58 - 2014-11-26 22:58 - 06045272 _____ () C:\Users\John\Downloads\RogueKiller_old.exe
2014-11-26 22:57 - 2014-11-26 22:57 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64 (1).exe
2014-11-26 22:07 - 2014-11-26 22:07 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-11-26 22:07 - 2014-11-26 22:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-26 22:06 - 2014-11-26 22:06 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64.exe
2014-11-26 20:19 - 2014-11-26 23:25 - 00000698 _____ () C:\WINDOWS\PFRO.log
2014-11-26 19:53 - 2014-11-27 02:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-26 19:53 - 2014-11-26 20:53 - 00001134 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-26 19:53 - 2014-11-26 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-26 19:53 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-26 19:53 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-26 19:53 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-26 19:51 - 2014-11-26 19:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\DAD.exe
2014-11-26 19:21 - 2014-11-26 19:27 - 05514984 _____ () C:\Users\John\Desktop\Rkill.txt
2014-11-26 19:16 - 2014-11-26 19:16 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\John\Downloads\iExplore.exe
2014-11-26 13:00 - 2014-11-26 13:01 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\John\Downloads\tdsskiller.exe
2014-11-26 12:58 - 2014-11-26 12:58 - 00000077 ___RH () C:\Users\John\Downloads\GetSusp.opt
2014-11-26 12:54 - 2014-11-26 12:54 - 02191924 _____ () C:\Users\John\Downloads\gsusp_4B50C87A07AE_112614_125438.zip
2014-11-26 12:53 - 2014-11-26 12:54 - 00001160 _____ () C:\Users\John\Downloads\GetSusp.xml
2014-11-26 12:51 - 2014-11-26 12:51 - 01579552 _____ (McAfee Inc.) C:\Users\John\Downloads\getsusp.exe
2014-11-26 12:33 - 2014-11-26 12:33 - 04163057 _____ () C:\Users\John\Downloads\tdsskiller.zip
2014-11-26 10:54 - 2014-11-26 10:55 - 122877696 _____ (Microsoft Corporation) C:\Users\John\Downloads\msert (2).exe
2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-11-25 21:48 - 2014-11-25 21:48 - 03159112 _____ () C:\Users\John\Downloads\McAfee_TechCheck.exe
2014-11-25 21:42 - 2014-11-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-11-25 21:41 - 2014-11-25 21:41 - 08423856 _____ (McAfee, Inc.) C:\Users\John\Downloads\SecurityScan_Release (1).exe
2014-11-25 17:31 - 2014-11-25 17:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-25 08:31 - 2014-11-25 08:31 - 00063680 _____ () C:\Users\John\Downloads\ModifyCntxtId.exe
2014-11-25 02:09 - 2014-11-25 02:09 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-25 02:09 - 2014-11-25 02:09 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-25 02:09 - 2014-11-25 02:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-25 02:07 - 2014-11-25 02:07 - 00244120 _____ () C:\Users\John\Downloads\Firefox Setup Stub 33.1.1.exe
2014-11-25 01:17 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-25 01:17 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-25 01:17 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-25 01:17 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-24 22:21 - 2014-11-24 22:22 - 00000859 _____ () C:\Users\John\Downloads\Stinger_24112014_222121.html
2014-11-24 21:43 - 2014-11-25 21:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\McAfee TechCheck
2014-11-24 11:28 - 2014-11-24 11:28 - 04909382 _____ () C:\Users\John\Downloads\mbam-chameleon-3.1.7.0.zip
2014-11-24 11:27 - 2014-11-25 01:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-11-24 11:27 - 2014-11-24 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-11-24 00:02 - 2014-11-24 00:02 - 00007605 _____ () C:\Users\John\AppData\Local\resmon.resmoncfg
2014-11-21 23:04 - 2014-11-22 03:53 - 00003164 _____ () C:\Users\John\Downloads\Stinger_21112014_230447.html
2014-11-21 23:03 - 2014-11-21 23:03 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_230318.html
2014-11-21 22:56 - 2014-11-21 22:56 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_225609.html
2014-11-21 22:45 - 2014-11-21 22:45 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141121_224522.log
2014-11-21 00:43 - 2014-11-26 20:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-20 22:37 - 2014-11-20 22:37 - 90611712 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-11-20 22:37 - 2014-11-20 22:37 - 00319488 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-11-20 22:37 - 2014-11-20 22:37 - 00061440 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-11-20 22:37 - 2014-11-20 22:37 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-11-20 12:36 - 2014-11-20 12:40 - 00000863 _____ () C:\Users\John\Downloads\Stinger_20112014_123632.html
2014-11-19 10:21 - 2014-11-24 18:25 - 00000000 ____D () C:\Users\John\Documents\Security Scan Nov 19, 21, 22, 24 2014
2014-11-19 01:27 - 2014-11-19 05:04 - 00001516 _____ () C:\Users\John\Downloads\Stinger_19112014_012703.html
2014-11-18 09:18 - 2014-11-18 09:18 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-11-17 22:01 - 2014-11-18 09:18 - 00000000 ____D () C:\Users\John\Documents\Kindle Order Nov 2104
2014-11-17 09:31 - 2014-11-17 09:31 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieBrowserModeList
2014-11-17 09:02 - 2014-11-20 20:51 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-17 09:02 - 2014-11-20 20:51 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 23:02 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-12 23:02 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-12 23:02 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-12 23:02 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-12 23:02 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-12 23:02 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-12 23:02 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-12 23:02 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-12 23:02 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-12 23:02 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-12 23:02 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-12 23:02 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-12 23:02 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-12 23:02 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-12 23:02 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-12 23:02 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-12 23:02 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-12 23:02 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-12 23:01 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-12 23:01 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-12 23:01 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-12 23:01 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-12 23:01 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-12 23:01 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-12 23:01 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-12 23:01 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-12 23:01 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-12 23:01 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-12 23:01 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-12 23:01 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-12 23:01 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-12 23:01 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-12 23:01 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-12 23:01 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-12 23:01 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-12 23:01 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-12 23:01 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-12 23:01 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-12 23:01 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-12 23:01 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-12 23:01 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-12 23:01 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-12 23:01 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-12 23:01 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-12 23:00 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-12 23:00 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-12 23:00 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-12 23:00 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-12 23:00 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-12 23:00 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-12 23:00 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-12 23:00 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-12 22:59 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-12 22:59 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-12 22:59 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-12 22:59 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-12 22:59 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-12 22:59 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-12 22:59 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-12 22:59 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-12 22:59 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-12 22:59 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-12 22:59 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-12 22:59 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-12 22:59 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-12 22:59 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-12 22:59 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-12 22:59 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-12 22:59 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-12 22:59 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-12 22:59 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-12 22:59 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-12 22:59 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-12 22:59 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-12 22:59 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-12 22:59 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-12 22:59 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-12 22:59 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-12 22:59 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-12 22:59 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-12 22:59 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-12 22:59 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-12 22:59 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-12 22:59 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-12 22:59 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-12 22:59 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-12 22:59 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-12 22:59 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-12 22:59 - 2014-10-31 04:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-12 22:59 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-12 22:59 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-12 22:59 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-12 22:59 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-12 22:59 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-12 22:59 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-12 22:59 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-12 22:59 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-12 22:59 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-12 22:59 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-12 22:59 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-12 22:59 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-12 22:59 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-12 22:59 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-12 22:59 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-12 22:59 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-12 22:59 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-12 22:59 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-12 22:59 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-12 22:59 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-12 22:59 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-12 22:59 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-12 22:59 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-12 22:59 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-12 22:59 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-12 22:59 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-12 22:59 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-12 22:59 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-12 22:59 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-12 22:59 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-12 22:59 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-12 22:59 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-12 22:59 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 22:59 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-12 22:59 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-12 22:59 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-12 22:59 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-12 22:59 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-12 22:59 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-12 22:59 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-12 22:59 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-12 22:59 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-12 22:59 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-12 22:59 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-12 22:59 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-12 22:59 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-12 22:59 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-12 22:59 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-12 22:59 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-12 22:59 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-12 22:59 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-12 22:59 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-12 22:59 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-12 22:59 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-12 22:58 - 2014-11-04 23:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-12 22:58 - 2014-11-04 00:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-12 22:58 - 2014-10-31 04:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-11-12 22:58 - 2014-10-31 04:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-12 22:58 - 2014-10-31 04:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-11-12 22:58 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-12 22:58 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-12 22:58 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-12 22:58 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-12 22:58 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-12 22:58 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-12 22:58 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-12 22:58 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-12 22:58 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-12 22:58 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-12 22:58 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-12 22:58 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-12 22:58 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-12 22:58 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-12 22:58 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-12 22:58 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-12 22:58 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-12 22:58 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-12 22:58 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-12 22:58 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-12 22:58 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-12 22:58 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-12 22:58 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-12 22:58 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-12 22:58 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-12 22:58 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-12 22:58 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-12 22:58 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-12 22:58 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-12 22:58 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-12 22:58 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-12 22:58 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-12 22:58 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-12 22:58 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-12 22:58 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-12 22:58 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-12 22:58 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-12 22:58 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-12 22:58 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-12 22:58 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-12 22:58 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-09 03:26 - 2014-11-09 03:26 - 00001502 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Calculator.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 10:56 - 2013-07-12 10:52 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-27 10:36 - 2013-05-25 10:38 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-27 10:09 - 2013-07-17 22:04 - 00000112 ___RH () C:\Users\John\Downloads\Stinger.opt
2014-11-27 10:07 - 2013-07-17 20:34 - 00000000 ____D () C:\Stinger_Quarantine
2014-11-27 10:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-27 09:49 - 2013-05-25 10:15 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2736297338-2421970953-1943868259-1001
2014-11-27 08:50 - 2013-11-20 19:40 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DC2320E-BD55-4A81-9C75-67447304AC13}
2014-11-27 08:50 - 2013-09-30 04:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-27 08:50 - 2013-07-09 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-27 08:49 - 2013-11-19 10:40 - 01068154 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-27 08:48 - 2013-07-08 10:56 - 00000000 __RSD () C:\Users\John\Documents\McAfee Vaults
2014-11-27 08:46 - 2014-05-09 18:14 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55.job
2014-11-27 08:46 - 2014-03-22 13:12 - 00000000 ___DO () C:\Users\John\SkyDrive
2014-11-27 08:45 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-27 02:42 - 2013-08-22 13:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-26 23:24 - 2014-06-28 06:38 - 00001300 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-11-26 18:08 - 2013-05-25 10:06 - 00000000 ____D () C:\WINDOWS\pss
2014-11-26 17:45 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-25 22:52 - 2014-06-02 08:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-11-25 22:39 - 2013-05-25 10:09 - 00000000 ____D () C:\Users\John\Documents\Bluetooth Folder
2014-11-25 22:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-25 21:42 - 2013-11-22 19:51 - 00001984 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-11-25 21:42 - 2013-07-09 08:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-25 20:02 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-25 20:00 - 2014-09-05 07:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype
2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\ProgramData\Skype
2014-11-25 19:56 - 2013-07-12 10:52 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-25 17:32 - 2014-01-03 22:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-25 16:11 - 2013-12-07 09:30 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-25 02:14 - 2013-05-25 10:04 - 00000000 ____D () C:\Users\John\AppData\Local\Packages
2014-11-25 02:09 - 2014-09-27 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-25 01:50 - 2013-07-08 22:45 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-25 01:47 - 2013-05-25 10:05 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps
2014-11-25 01:44 - 2013-05-25 12:10 - 00000000 ____D () C:\Users\John\AppData\Roaming\WildTangent
2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-11-25 01:37 - 2013-07-12 10:58 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-25 01:33 - 2013-05-27 12:19 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-25 01:02 - 2013-11-19 10:17 - 00000000 ____D () C:\Users\John
2014-11-25 01:01 - 2014-02-10 17:31 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-11-25 00:59 - 2013-10-15 02:44 - 00000000 ____D () C:\Users\John\AppData\Roaming\vlc
2014-11-25 00:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-11-25 00:57 - 2014-08-05 06:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-11-25 00:57 - 2014-02-10 18:11 - 00000000 ____D () C:\ProgramData\Atheros
2014-11-25 00:57 - 2013-07-17 20:33 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-11-25 00:57 - 2013-06-04 20:59 - 00000000 ____D () C:\ProgramData\IObit
2014-11-25 00:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration
2014-11-25 00:35 - 2013-12-07 09:30 - 00000000 ____D () C:\Users\John\AppData\Roaming\IObit
2014-11-25 00:31 - 2013-11-16 20:55 - 00000000 ____D () C:\Users\John\AppData\Local\Mozilla
2014-11-25 00:26 - 2013-06-04 20:59 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-24 22:47 - 2014-10-25 07:45 - 00000000 ____D () C:\Users\John\Documents\JK's Docs
2014-11-21 14:29 - 2014-09-01 20:52 - 00000000 ____D () C:\Users\John\Documents\Kevin Jenkins
2014-11-20 23:08 - 2014-07-28 16:40 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak38
2014-11-19 11:58 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-19 10:24 - 2014-10-25 07:46 - 00082432 ___SH () C:\Users\John\Documents\Thumbs.db
2014-11-18 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-18 09:26 - 2013-11-19 18:09 - 00000000 ___DC () C:\WINDOWS\Panther
2014-11-18 09:25 - 2013-06-02 18:52 - 00000000 ____D () C:\Users\John\Tracing
2014-11-17 12:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-17 09:01 - 2013-08-22 14:44 - 00503088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-15 13:26 - 2014-07-13 21:40 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-15 11:45 - 2014-10-21 16:42 - 00000000 ____D () C:\Users\John\Documents\CBA share valuations
2014-11-15 00:58 - 2013-06-11 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 12:31 - 2014-05-09 18:14 - 00003666 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55
2014-11-14 12:31 - 2013-05-25 10:38 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 21:14 - 2013-12-22 16:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 21:13 - 2014-10-25 09:30 - 00000000 ____D () C:\ProgramData\Adguard
2014-10-30 11:25 - 2013-08-17 18:34 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat

Some content of TEMP:
====================
C:\Users\John\AppData\Local\Temp\dllnt_dump.dll
C:\Users\John\AppData\Local\Temp\Quarantine.exe
C:\Users\John\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-27 09:49
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by John (administrator) on JAYKAYSVAIO on 27-11-2014 10:56:33
Running from C:\Users\John\Downloads
Loaded Profile: John (Available profiles: John)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-01-21] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4484608 2014-01-22] (Research In Motion Limited)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1464336 2014-02-03] (Research In Motion)
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\MountPoints2: {3edd7706-c191-11e3-802b-b8763ff59eea} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBEAFA000D109D001
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms}
SearchScopes: HKU\.DEFAULT -> {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> DefaultScope {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {4BA09C6D-3C77-9D14-BC01-149374DBEC04} URL =
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.10.106\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default
FF DefaultSearchEngine: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Keyword.URL: https://uk.search.yahoo.com/search?fr=mcafee&type=B111GB649D20140729&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\iobitascsurfingprotection@iobit.com [2014-11-18]
FF Extension: Yahoo Community Smartbar - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{dd312948-01f6-4288-9a59-3368f4f55bdf} [2014-07-03]
FF Extension: Adblock Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-08]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-08]
FF HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-10-27]
FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]
Chrome:
=======
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSearchURL: Default -> https://uk.search.yahoo.com/search?fr=mcafee&type=B211GB649D20140729&p={searchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (SiteAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-07-08]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [156904 2014-11-13] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.10.106\McCHSvc.exe [289256 2014-11-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-07] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-01-22] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1309696 2014-01-22] (Research In Motion Limited) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-08-26] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-01-22] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-16] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-28] ()
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]
S0 mferkdet; \SystemRoot\system32\drivers\mferkdet.sys [X]
S3 MFE_RR; \??\C:\Users\John\AppData\Local\Temp\mfe_rr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 10:56 - 2014-11-27 10:56 - 00025960 _____ () C:\Users\John\Downloads\FRST.txt
2014-11-27 10:55 - 2014-11-27 10:56 - 00000000 ____D () C:\FRST
2014-11-27 10:55 - 2014-11-27 10:55 - 02117632 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2014-11-27 10:10 - 2014-11-27 10:11 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141127_101059.log
2014-11-27 10:10 - 2014-11-27 10:10 - 00783120 _____ (McAfee, Inc.) C:\Users\John\Downloads\rootkitremover.exe
2014-11-27 10:08 - 2014-11-27 10:09 - 00000855 _____ () C:\Users\John\Downloads\Stinger_27112014_100816.html
2014-11-27 10:04 - 2014-11-27 10:09 - 00000000 ____D () C:\Program Files\stinger
2014-11-27 10:04 - 2014-11-27 10:06 - 00000978 _____ () C:\Users\John\Downloads\Stinger_27112014_100425.html
2014-11-27 10:03 - 2014-11-27 10:03 - 12484464 _____ (McAfee Inc) C:\Users\John\Downloads\stinger64.exe
2014-11-26 23:21 - 2014-11-26 23:24 - 00000000 ____D () C:\AdwCleaner
2014-11-26 23:15 - 2014-11-26 23:19 - 00000755 _____ () C:\Users\John\Desktop\Start Emsisoft Emergency Kit.lnk
2014-11-26 23:14 - 2014-11-26 23:18 - 00000000 ____D () C:\EEK
2014-11-26 23:13 - 2014-11-26 23:14 - 159691800 _____ () C:\Users\John\Downloads\EmsisoftEmergencyKit.exe
2014-11-26 23:00 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-11-26 22:59 - 2014-11-26 22:59 - 11222744 _____ (SurfRight B.V.) C:\Users\John\Downloads\HitmanPro_x64.exe
2014-11-26 22:58 - 2014-11-26 22:58 - 06045272 _____ () C:\Users\John\Downloads\RogueKiller_old.exe
2014-11-26 22:57 - 2014-11-26 22:57 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64 (1).exe
2014-11-26 22:07 - 2014-11-26 22:07 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-11-26 22:07 - 2014-11-26 22:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-26 22:06 - 2014-11-26 22:06 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64.exe
2014-11-26 20:19 - 2014-11-26 23:25 - 00000698 _____ () C:\WINDOWS\PFRO.log
2014-11-26 19:53 - 2014-11-27 02:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-26 19:53 - 2014-11-26 20:53 - 00001134 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-26 19:53 - 2014-11-26 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-26 19:53 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-26 19:53 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-26 19:53 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-26 19:51 - 2014-11-26 19:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\DAD.exe
2014-11-26 19:21 - 2014-11-26 19:27 - 05514984 _____ () C:\Users\John\Desktop\Rkill.txt
2014-11-26 19:16 - 2014-11-26 19:16 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\John\Downloads\iExplore.exe
2014-11-26 13:00 - 2014-11-26 13:01 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\John\Downloads\tdsskiller.exe
2014-11-26 12:58 - 2014-11-26 12:58 - 00000077 ___RH () C:\Users\John\Downloads\GetSusp.opt
2014-11-26 12:54 - 2014-11-26 12:54 - 02191924 _____ () C:\Users\John\Downloads\gsusp_4B50C87A07AE_112614_125438.zip
2014-11-26 12:53 - 2014-11-26 12:54 - 00001160 _____ () C:\Users\John\Downloads\GetSusp.xml
2014-11-26 12:51 - 2014-11-26 12:51 - 01579552 _____ (McAfee Inc.) C:\Users\John\Downloads\getsusp.exe
2014-11-26 12:33 - 2014-11-26 12:33 - 04163057 _____ () C:\Users\John\Downloads\tdsskiller.zip
2014-11-26 10:54 - 2014-11-26 10:55 - 122877696 _____ (Microsoft Corporation) C:\Users\John\Downloads\msert (2).exe
2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-11-25 21:48 - 2014-11-25 21:48 - 03159112 _____ () C:\Users\John\Downloads\McAfee_TechCheck.exe
2014-11-25 21:42 - 2014-11-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-11-25 21:41 - 2014-11-25 21:41 - 08423856 _____ (McAfee, Inc.) C:\Users\John\Downloads\SecurityScan_Release (1).exe
2014-11-25 17:31 - 2014-11-25 17:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-25 08:31 - 2014-11-25 08:31 - 00063680 _____ () C:\Users\John\Downloads\ModifyCntxtId.exe
2014-11-25 02:09 - 2014-11-25 02:09 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-25 02:09 - 2014-11-25 02:09 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-25 02:09 - 2014-11-25 02:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-25 02:07 - 2014-11-25 02:07 - 00244120 _____ () C:\Users\John\Downloads\Firefox Setup Stub 33.1.1.exe
2014-11-25 01:17 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-25 01:17 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-25 01:17 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-25 01:17 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-24 22:21 - 2014-11-24 22:22 - 00000859 _____ () C:\Users\John\Downloads\Stinger_24112014_222121.html
2014-11-24 21:43 - 2014-11-25 21:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\McAfee TechCheck
2014-11-24 11:28 - 2014-11-24 11:28 - 04909382 _____ () C:\Users\John\Downloads\mbam-chameleon-3.1.7.0.zip
2014-11-24 11:27 - 2014-11-25 01:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-11-24 11:27 - 2014-11-24 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-11-24 00:02 - 2014-11-24 00:02 - 00007605 _____ () C:\Users\John\AppData\Local\resmon.resmoncfg
2014-11-21 23:04 - 2014-11-22 03:53 - 00003164 _____ () C:\Users\John\Downloads\Stinger_21112014_230447.html
2014-11-21 23:03 - 2014-11-21 23:03 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_230318.html
2014-11-21 22:56 - 2014-11-21 22:56 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_225609.html
2014-11-21 22:45 - 2014-11-21 22:45 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141121_224522.log
2014-11-21 00:43 - 2014-11-26 20:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-20 22:37 - 2014-11-20 22:37 - 90611712 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2014-11-20 22:37 - 2014-11-20 22:37 - 00319488 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2014-11-20 22:37 - 2014-11-20 22:37 - 00061440 _____ () C:\WINDOWS\system32\config\SAM.iobit
2014-11-20 22:37 - 2014-11-20 22:37 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2014-11-20 12:36 - 2014-11-20 12:40 - 00000863 _____ () C:\Users\John\Downloads\Stinger_20112014_123632.html
2014-11-19 10:21 - 2014-11-24 18:25 - 00000000 ____D () C:\Users\John\Documents\Security Scan Nov 19, 21, 22, 24 2014
2014-11-19 01:27 - 2014-11-19 05:04 - 00001516 _____ () C:\Users\John\Downloads\Stinger_19112014_012703.html
2014-11-18 09:18 - 2014-11-18 09:18 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-11-17 22:01 - 2014-11-18 09:18 - 00000000 ____D () C:\Users\John\Documents\Kindle Order Nov 2104
2014-11-17 09:31 - 2014-11-17 09:31 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieBrowserModeList
2014-11-17 09:02 - 2014-11-20 20:51 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-17 09:02 - 2014-11-20 20:51 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 23:02 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-12 23:02 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-12 23:02 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-12 23:02 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-12 23:02 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-12 23:02 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-12 23:02 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-12 23:02 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-12 23:02 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-12 23:02 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-12 23:02 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-12 23:02 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-12 23:02 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-12 23:02 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-12 23:02 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-12 23:02 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-12 23:02 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-12 23:02 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-12 23:01 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-12 23:01 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-12 23:01 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-12 23:01 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-12 23:01 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-12 23:01 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-12 23:01 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-12 23:01 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-12 23:01 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-12 23:01 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-12 23:01 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-12 23:01 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-12 23:01 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-12 23:01 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-12 23:01 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-12 23:01 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-12 23:01 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-12 23:01 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-12 23:01 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-12 23:01 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-12 23:01 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-12 23:01 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-12 23:01 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-12 23:01 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-12 23:01 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-12 23:01 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-12 23:00 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-12 23:00 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-12 23:00 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-12 23:00 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-12 23:00 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-12 23:00 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-12 23:00 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-12 23:00 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-12 22:59 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-12 22:59 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-12 22:59 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-12 22:59 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-12 22:59 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-12 22:59 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-12 22:59 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-12 22:59 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-12 22:59 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-12 22:59 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-12 22:59 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-12 22:59 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-12 22:59 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-12 22:59 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-12 22:59 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-12 22:59 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-12 22:59 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-12 22:59 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-12 22:59 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-12 22:59 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-12 22:59 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-12 22:59 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-12 22:59 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-12 22:59 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-12 22:59 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-12 22:59 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-12 22:59 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-12 22:59 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-12 22:59 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-12 22:59 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-12 22:59 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-12 22:59 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-12 22:59 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-12 22:59 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-12 22:59 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-12 22:59 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-12 22:59 - 2014-10-31 04:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-12 22:59 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-12 22:59 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-12 22:59 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-12 22:59 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-12 22:59 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-12 22:59 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-12 22:59 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-12 22:59 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-12 22:59 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-12 22:59 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-12 22:59 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-12 22:59 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-12 22:59 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-12 22:59 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-12 22:59 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-12 22:59 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-12 22:59 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-12 22:59 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-12 22:59 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-12 22:59 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-12 22:59 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-12 22:59 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-12 22:59 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-12 22:59 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-12 22:59 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-12 22:59 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-12 22:59 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-12 22:59 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-12 22:59 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-12 22:59 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-12 22:59 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-12 22:59 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-12 22:59 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 22:59 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-12 22:59 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-12 22:59 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-12 22:59 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-12 22:59 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-12 22:59 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-12 22:59 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-12 22:59 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-12 22:59 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-12 22:59 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-12 22:59 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-12 22:59 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-12 22:59 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-12 22:59 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-12 22:59 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-12 22:59 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-12 22:59 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-12 22:59 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-12 22:59 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-12 22:59 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-12 22:59 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-12 22:58 - 2014-11-04 23:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-12 22:58 - 2014-11-04 00:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-12 22:58 - 2014-10-31 04:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-11-12 22:58 - 2014-10-31 04:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-12 22:58 - 2014-10-31 04:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-11-12 22:58 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-12 22:58 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-12 22:58 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-12 22:58 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-12 22:58 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-12 22:58 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-12 22:58 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-12 22:58 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-12 22:58 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-12 22:58 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-12 22:58 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-12 22:58 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-12 22:58 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-12 22:58 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-12 22:58 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-12 22:58 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-12 22:58 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-12 22:58 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-12 22:58 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-12 22:58 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-12 22:58 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-12 22:58 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-12 22:58 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-12 22:58 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-12 22:58 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-12 22:58 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-12 22:58 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-12 22:58 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-12 22:58 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-12 22:58 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-12 22:58 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-12 22:58 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-12 22:58 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-12 22:58 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-12 22:58 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-12 22:58 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-12 22:58 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-12 22:58 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-12 22:58 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-12 22:58 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-12 22:58 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-09 03:26 - 2014-11-09 03:26 - 00001502 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Calculator.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 10:56 - 2013-07-12 10:52 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-27 10:36 - 2013-05-25 10:38 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-27 10:09 - 2013-07-17 22:04 - 00000112 ___RH () C:\Users\John\Downloads\Stinger.opt
2014-11-27 10:07 - 2013-07-17 20:34 - 00000000 ____D () C:\Stinger_Quarantine
2014-11-27 10:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-27 09:49 - 2013-05-25 10:15 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2736297338-2421970953-1943868259-1001
2014-11-27 08:50 - 2013-11-20 19:40 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DC2320E-BD55-4A81-9C75-67447304AC13}
2014-11-27 08:50 - 2013-09-30 04:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-27 08:50 - 2013-07-09 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-27 08:49 - 2013-11-19 10:40 - 01068154 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-27 08:48 - 2013-07-08 10:56 - 00000000 __RSD () C:\Users\John\Documents\McAfee Vaults
2014-11-27 08:46 - 2014-05-09 18:14 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55.job
2014-11-27 08:46 - 2014-03-22 13:12 - 00000000 ___DO () C:\Users\John\SkyDrive
2014-11-27 08:45 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-27 02:42 - 2013-08-22 13:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-26 23:24 - 2014-06-28 06:38 - 00001300 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-11-26 18:08 - 2013-05-25 10:06 - 00000000 ____D () C:\WINDOWS\pss
2014-11-26 17:45 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-25 22:52 - 2014-06-02 08:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-11-25 22:39 - 2013-05-25 10:09 - 00000000 ____D () C:\Users\John\Documents\Bluetooth Folder
2014-11-25 22:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-25 21:42 - 2013-11-22 19:51 - 00001984 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-11-25 21:42 - 2013-07-09 08:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-25 20:02 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-25 20:00 - 2014-09-05 07:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype
2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\ProgramData\Skype
2014-11-25 19:56 - 2013-07-12 10:52 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-25 17:32 - 2014-01-03 22:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-25 16:11 - 2013-12-07 09:30 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-25 02:14 - 2013-05-25 10:04 - 00000000 ____D () C:\Users\John\AppData\Local\Packages
2014-11-25 02:09 - 2014-09-27 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-25 01:50 - 2013-07-08 22:45 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-25 01:47 - 2013-05-25 10:05 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps
2014-11-25 01:44 - 2013-05-25 12:10 - 00000000 ____D () C:\Users\John\AppData\Roaming\WildTangent
2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\ProgramData\WildTangent
2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-11-25 01:37 - 2013-07-12 10:58 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-25 01:33 - 2013-05-27 12:19 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-25 01:02 - 2013-11-19 10:17 - 00000000 ____D () C:\Users\John
2014-11-25 01:01 - 2014-02-10 17:31 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-11-25 00:59 - 2013-10-15 02:44 - 00000000 ____D () C:\Users\John\AppData\Roaming\vlc
2014-11-25 00:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-11-25 00:57 - 2014-08-05 06:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-11-25 00:57 - 2014-02-10 18:11 - 00000000 ____D () C:\ProgramData\Atheros
2014-11-25 00:57 - 2013-07-17 20:33 - 00000000 ____D () C:\Program Files (x86)\stinger
2014-11-25 00:57 - 2013-06-04 20:59 - 00000000 ____D () C:\ProgramData\IObit
2014-11-25 00:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration
2014-11-25 00:35 - 2013-12-07 09:30 - 00000000 ____D () C:\Users\John\AppData\Roaming\IObit
2014-11-25 00:31 - 2013-11-16 20:55 - 00000000 ____D () C:\Users\John\AppData\Local\Mozilla
2014-11-25 00:26 - 2013-06-04 20:59 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-24 22:47 - 2014-10-25 07:45 - 00000000 ____D () C:\Users\John\Documents\JK's Docs
2014-11-21 14:29 - 2014-09-01 20:52 - 00000000 ____D () C:\Users\John\Documents\Kevin Jenkins
2014-11-20 23:08 - 2014-07-28 16:40 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak38
2014-11-19 11:58 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-19 10:24 - 2014-10-25 07:46 - 00082432 ___SH () C:\Users\John\Documents\Thumbs.db
2014-11-18 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-18 09:26 - 2013-11-19 18:09 - 00000000 ___DC () C:\WINDOWS\Panther
2014-11-18 09:25 - 2013-06-02 18:52 - 00000000 ____D () C:\Users\John\Tracing
2014-11-17 12:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-17 09:01 - 2013-08-22 14:44 - 00503088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-15 13:26 - 2014-07-13 21:40 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-15 11:45 - 2014-10-21 16:42 - 00000000 ____D () C:\Users\John\Documents\CBA share valuations
2014-11-15 00:58 - 2013-06-11 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-14 12:31 - 2014-05-09 18:14 - 00003666 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55
2014-11-14 12:31 - 2013-05-25 10:38 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 21:14 - 2013-12-22 16:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 21:13 - 2014-10-25 09:30 - 00000000 ____D () C:\ProgramData\Adguard
2014-10-30 11:25 - 2013-08-17 18:34 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat

Some content of TEMP:
====================
C:\Users\John\AppData\Local\Temp\dllnt_dump.dll
C:\Users\John\AppData\Local\Temp\Quarantine.exe
C:\Users\John\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-27 09:49
==================== End Of Log ============================

 

[TwinHeadedEagle]

Hello,



They call me TwinHeadedEagle around here, and I'll be working with you.



Before we start please read and note the following:

• At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
• Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
• Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
• Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  
• All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
• If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
• I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
• Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.
  
• Please attach all report using
  
  button below. Doing this, you make it easier for me to analyze and fix your problem.
  
• Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
• If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.

• Install the progam and select update.
• Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
• Click the Scan tab, choose Threat Scan is checked and click Scan Now.
• If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
• Upon completion of the scan (or after the reboot), click the History tab.
• Click Application Logs and double-click the Scan Log.
• At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
• Follow the prompts and click Scan.
• When finished, please click Clean.
• Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Make sure that Addition option is checked.
• Press Scan button and wait.
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

 

[Jaykay]

Hey there TwinHeadedEagle - how you doing. Many thanks for your mail and offer to help me, it's very much appreciated.

Please note that I actually go away for a few days tomorrow - I wasn't expecting your prompt response. So rather than me trying to rush this tonight and probably us having to break off midway, can I start your instructions on Monday please. My laptop will be switched off during this time.

Thanks

JK

 

[TwinHeadedEagle]

Yes, just continue here.

 

[Jaykay]

Many thanks, will resume here on Monday. Enjoy your weekend.

Regards

JK

 

[Jaykay]

Hi TwinHeadedEagle - I've now run those scans and uploaded the 4 reports as requested.

Regards

JK

 

[TwinHeadedEagle]

How is the situation now?

 

[Jaykay]

Hi there - because there were no signs of any malware from those scans, I've run Microsoft Security Scanner again. It's just finished and sadly it has produced exactly the same outcome, which I've attached.

 

[Jaykay]

Sorry - forgot to add that there are no signs of anything being untoward on my laptop, which seems to be operating normally.

Regards

JK

 

[TwinHeadedEagle]

What files it is detecting?

 

[Jaykay]

I'm sorry, the scan hasn't provided any more information as far as I could see. I've run the MSS 5 times since I first noticed a small change on I/E and each time it's come up with the same outcome, which I attached in my last post.

JK

 

[TwinHeadedEagle]

I need detailed report, this tells me nothing.

 

[Jaykay]

OK - can you advise me where/how I would obtain that please?

 

[TwinHeadedEagle]

Try to find the log here

C:\Windows\Debug\msert.log

 

[Jaykay]

Good call!

It produced the attached.

 

[TwinHeadedEagle]

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

​

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

 

[Jaykay]

TwinHeadedEagle - attached as requested.

JK

 

[TwinHeadedEagle]

Good. How is the situation now?

 

[Jaykay]

Good morning - I'm just about to run MSS again as that's the only way I have known about this problem. I'll get back to you with the results as soon as that scan completes and will include the detailed results from C:\Windows\Debug\msert.log. In the meantime I would be grateful for a little feedback please. Technology wizardry aside:

• Can you qualify how much of a threat this was for me please as the web gave conflicting reports and was I right in getting the so called 'malware' removed
• Why didn't McAfee Total Protection pick this up/deal with it - when MSS can clearly identify the threat
• Do you know how I might have acquired the problem - I'm always careful and would want to avoid making any mistake made again
• Do you have any advice on how I might improve the protection I have in place

Your help has been great and very much appreciated, thank you.

JK

 

[Jaykay]

TwinHeadedEagle - you're a star!

Microsoft Safety Scanner returned a 'clean scan' so presumably all 3 threats have been removed and your 'tailored fix' has been successful! I was unable to download the detailed log however using C:\Windows\Debug\msert.log.

Looking forward to hearing from you, but in the meantime, here's a very big Thank You!!

Regards

JK