Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Removing Exploit:Java/CVE virus
Message
<blockquote data-quote="Jaykay" data-source="post: 306456" data-attributes="member: 31193"><p>I ran AdwCleaner but can't find the report - I will run it again if I can't trace it ... although it didn't say anything. I also couldn't immediately find the link to aswMBR and will work on that later today and post both scan results to you. In the meantime here's the FRST scan logs:</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01</p><p>Ran by John (administrator) on JAYKAYSVAIO on 27-11-2014 10:56:33</p><p>Running from C:\Users\John\Downloads</p><p>Loaded Profile: John (Available profiles: John)</p><p>Platform: Windows 8.1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p>==================== Processes (Whitelisted) =================</p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p>(AMD) C:\Windows\System32\atiesrxx.exe</p><p>(AMD) C:\Windows\System32\atieclxx.exe</p><p>(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dasHost.exe</p><p>(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe</p><p>(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe</p><p>(McAfee, Inc.) C:\Windows\System32\mfevtps.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe</p><p>(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe</p><p>(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe</p><p>(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</p><p>(Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe</p><p>(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe</p><p>(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe</p><p>(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe</p><p>(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe</p><p>() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe</p><p>(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe</p><p>(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe</p><p>(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe</p><p>(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe</p><p>() C:\Program Files\Sony\VAIO Care\listener.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe</p><p>(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe</p><p>(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe</p><p>(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe</p><p>(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe</p><p>(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p></p><p>==================== Registry (Whitelisted) ==================</p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p>HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)</p><p>HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)</p><p>HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)</p><p>HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)</p><p>HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)</p><p>HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)</p><p>HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)</p><p>HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.)</p><p>HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-01-21] (BlackBerry Limited)</p><p>HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4484608 2014-01-22] (Research In Motion Limited)</p><p>HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)</p><p>Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)</p><p>HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))</p><p>HKLM\...\Policies\Explorer: [NoControlPanel] 0</p><p>HKLM\...\Policies\Explorer: [NoFolderOptions] 0</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1464336 2014-02-03] (Research In Motion)</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\MountPoints2: {3edd7706-c191-11e3-802b-b8763ff59eea} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\start.exe</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk</p><p>ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (McAfee, Inc.)</p><p>ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File</p><p>ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File</p><p>ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File</p><p>ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File</p><p>ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File</p><p>ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File</p><p>BootExecute: autocheck autochk *</p><p>==================== Internet (Whitelisted) ====================</p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://google.com/" target="_blank">http://google.com/</a></p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://sony13.msn.com" target="_blank">http://sony13.msn.com</a></p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = <a href="http://vaioportal.sony.eu" target="_blank">http://vaioportal.sony.eu</a></p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = <a href="http://www.msn.com/en-gb/?ocid=iehp" target="_blank">http://www.msn.com/en-gb/?ocid=iehp</a></p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBEAFA000D109D001</p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank</p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank</p><p>SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = </p><p>SearchScopes: HKU\.DEFAULT -> DefaultScope {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = <a href="http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms" target="_blank">http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms</a>}</p><p>SearchScopes: HKU\.DEFAULT -> {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = <a href="http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms" target="_blank">http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms</a>}</p><p>SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> DefaultScope {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = <a href="https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms" target="_blank">https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms</a>}</p><p>SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = <a href="https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms" target="_blank">https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms</a>}</p><p>SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {4BA09C6D-3C77-9D14-BC01-149374DBEC04} URL = </p><p>BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)</p><p>BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.10.106\McAfeeMSS_IE.dll (McAfee, Inc.)</p><p>BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)</p><p>Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)</p><p>Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)</p><p>Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)</p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default</p><p>FF DefaultSearchEngine: Secure Search</p><p>FF SearchEngineOrder.1: Secure Search</p><p>FF SelectedSearchEngine: Secure Search</p><p>FF Keyword.URL: <a href="https://uk.search.yahoo.com/search?fr=mcafee&type=B111GB649D20140729&p" target="_blank">https://uk.search.yahoo.com/search?fr=mcafee&type=B111GB649D20140729&p</a>=</p><p>FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()</p><p>FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)</p><p>FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)</p><p>FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()</p><p>FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)</p><p>FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml</p><p>FF Extension: Advanced SystemCare Surfing Protection - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\<a href="mailto:iobitascsurfingprotection@iobit.com">iobitascsurfingprotection@iobit.com</a> [2014-11-18]</p><p>FF Extension: Yahoo Community Smartbar - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{dd312948-01f6-4288-9a59-3368f4f55bdf} [2014-07-03]</p><p>FF Extension: Adblock Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-16]</p><p>FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor</p><p>FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-08]</p><p>FF HKLM-x32\...\Thunderbird\Extensions: [<a href="mailto:msktbird@mcafee.com">msktbird@mcafee.com</a>] - C:\Program Files\McAfee\MSK</p><p>FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-08]</p><p>FF HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi</p><p>FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-10-27]</p><p>FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]</p><p>Chrome: </p><p>=======</p><p>CHR DefaultSearchKeyword: Default -> mcafee</p><p>CHR DefaultSearchURL: Default -> <a href="https://uk.search.yahoo.com/search?fr=mcafee&type=B211GB649D20140729&p={searchTerms" target="_blank">https://uk.search.yahoo.com/search?fr=mcafee&type=B211GB649D20140729&p={searchTerms</a>}</p><p>CHR DefaultSuggestURL: Default -> </p><p>CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default</p><p>CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]</p><p>CHR Extension: (SiteAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-07-08]</p><p>CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07]</p><p>CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-25]</p><p>==================== Services (Whitelisted) =================</p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p>R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)</p><p>S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)</p><p>R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]</p><p>R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)</p><p>R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)</p><p>R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)</p><p>R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)</p><p>R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [156904 2014-11-13] (McAfee, Inc.)</p><p>R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)</p><p>S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.10.106\McCHSvc.exe [289256 2014-11-04] (McAfee, Inc.)</p><p>R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)</p><p>R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-07] (McAfee, Inc.)</p><p>R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)</p><p>R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)</p><p>R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)</p><p>R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)</p><p>R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)</p><p>R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-01-22] (Apple Inc.) [File not signed]</p><p>R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1309696 2014-01-22] (Research In Motion Limited) [File not signed]</p><p>R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)</p><p>R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)</p><p>S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)</p><p>S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]</p><p>R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)</p><p>S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)</p><p>S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)</p><p>R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]</p><p>==================== Drivers (Whitelisted) ====================</p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p>R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)</p><p>S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)</p><p>S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)</p><p>S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)</p><p>R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)</p><p>R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)</p><p>S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)</p><p>R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-08-26] (McAfee, Inc.)</p><p>R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)</p><p>R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-07] (McAfee, Inc.)</p><p>R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)</p><p>S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)</p><p>R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)</p><p>R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)</p><p>R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)</p><p>S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)</p><p>R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)</p><p>S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)</p><p>R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-01-22] (Research in Motion Limited)</p><p>R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)</p><p>R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-16] ()</p><p>R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)</p><p>R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)</p><p>S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-28] ()</p><p>S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)</p><p>S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)</p><p>S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]</p><p>S0 mferkdet; \SystemRoot\system32\drivers\mferkdet.sys [X]</p><p>S3 MFE_RR; \??\C:\Users\John\AppData\Local\Temp\mfe_rr.sys [X]</p><p>==================== NetSvcs (Whitelisted) ===================</p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p>==================== One Month Created Files and Folders ========</p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p>2014-11-27 10:56 - 2014-11-27 10:56 - 00025960 _____ () C:\Users\John\Downloads\FRST.txt</p><p>2014-11-27 10:55 - 2014-11-27 10:56 - 00000000 ____D () C:\FRST</p><p>2014-11-27 10:55 - 2014-11-27 10:55 - 02117632 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe</p><p>2014-11-27 10:10 - 2014-11-27 10:11 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141127_101059.log</p><p>2014-11-27 10:10 - 2014-11-27 10:10 - 00783120 _____ (McAfee, Inc.) C:\Users\John\Downloads\rootkitremover.exe</p><p>2014-11-27 10:08 - 2014-11-27 10:09 - 00000855 _____ () C:\Users\John\Downloads\Stinger_27112014_100816.html</p><p>2014-11-27 10:04 - 2014-11-27 10:09 - 00000000 ____D () C:\Program Files\stinger</p><p>2014-11-27 10:04 - 2014-11-27 10:06 - 00000978 _____ () C:\Users\John\Downloads\Stinger_27112014_100425.html</p><p>2014-11-27 10:03 - 2014-11-27 10:03 - 12484464 _____ (McAfee Inc) C:\Users\John\Downloads\stinger64.exe</p><p>2014-11-26 23:21 - 2014-11-26 23:24 - 00000000 ____D () C:\AdwCleaner</p><p>2014-11-26 23:15 - 2014-11-26 23:19 - 00000755 _____ () C:\Users\John\Desktop\Start Emsisoft Emergency Kit.lnk</p><p>2014-11-26 23:14 - 2014-11-26 23:18 - 00000000 ____D () C:\EEK</p><p>2014-11-26 23:13 - 2014-11-26 23:14 - 159691800 _____ () C:\Users\John\Downloads\EmsisoftEmergencyKit.exe</p><p>2014-11-26 23:00 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\HitmanPro</p><p>2014-11-26 22:59 - 2014-11-26 22:59 - 11222744 _____ (SurfRight B.V.) C:\Users\John\Downloads\HitmanPro_x64.exe</p><p>2014-11-26 22:58 - 2014-11-26 22:58 - 06045272 _____ () C:\Users\John\Downloads\RogueKiller_old.exe</p><p>2014-11-26 22:57 - 2014-11-26 22:57 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64 (1).exe</p><p>2014-11-26 22:07 - 2014-11-26 22:07 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys</p><p>2014-11-26 22:07 - 2014-11-26 22:07 - 00000000 ____D () C:\ProgramData\RogueKiller</p><p>2014-11-26 22:06 - 2014-11-26 22:06 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64.exe</p><p>2014-11-26 20:19 - 2014-11-26 23:25 - 00000698 _____ () C:\WINDOWS\PFRO.log</p><p>2014-11-26 19:53 - 2014-11-27 02:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-11-26 19:53 - 2014-11-26 20:53 - 00001134 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2014-11-26 19:53 - 2014-11-26 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2014-11-26 19:53 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys</p><p>2014-11-26 19:53 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys</p><p>2014-11-26 19:53 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys</p><p>2014-11-26 19:51 - 2014-11-26 19:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\DAD.exe</p><p>2014-11-26 19:21 - 2014-11-26 19:27 - 05514984 _____ () C:\Users\John\Desktop\Rkill.txt</p><p>2014-11-26 19:16 - 2014-11-26 19:16 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\John\Downloads\iExplore.exe</p><p>2014-11-26 13:00 - 2014-11-26 13:01 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\John\Downloads\tdsskiller.exe</p><p>2014-11-26 12:58 - 2014-11-26 12:58 - 00000077 ___RH () C:\Users\John\Downloads\GetSusp.opt</p><p>2014-11-26 12:54 - 2014-11-26 12:54 - 02191924 _____ () C:\Users\John\Downloads\gsusp_4B50C87A07AE_112614_125438.zip</p><p>2014-11-26 12:53 - 2014-11-26 12:54 - 00001160 _____ () C:\Users\John\Downloads\GetSusp.xml</p><p>2014-11-26 12:51 - 2014-11-26 12:51 - 01579552 _____ (McAfee Inc.) C:\Users\John\Downloads\getsusp.exe</p><p>2014-11-26 12:33 - 2014-11-26 12:33 - 04163057 _____ () C:\Users\John\Downloads\tdsskiller.zip</p><p>2014-11-26 10:54 - 2014-11-26 10:55 - 122877696 _____ (Microsoft Corporation) C:\Users\John\Downloads\msert (2).exe</p><p>2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setuperr.log</p><p>2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setupact.log</p><p>2014-11-25 21:48 - 2014-11-25 21:48 - 03159112 _____ () C:\Users\John\Downloads\McAfee_TechCheck.exe</p><p>2014-11-25 21:42 - 2014-11-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus</p><p>2014-11-25 21:41 - 2014-11-25 21:41 - 08423856 _____ (McAfee, Inc.) C:\Users\John\Downloads\SecurityScan_Release (1).exe</p><p>2014-11-25 17:31 - 2014-11-25 17:31 - 00000000 ____D () C:\Program Files (x86)\Java</p><p>2014-11-25 08:31 - 2014-11-25 08:31 - 00063680 _____ () C:\Users\John\Downloads\ModifyCntxtId.exe</p><p>2014-11-25 02:09 - 2014-11-25 02:09 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk</p><p>2014-11-25 02:09 - 2014-11-25 02:09 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk</p><p>2014-11-25 02:09 - 2014-11-25 02:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service</p><p>2014-11-25 02:07 - 2014-11-25 02:07 - 00244120 _____ () C:\Users\John\Downloads\Firefox Setup Stub 33.1.1.exe</p><p>2014-11-25 01:17 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll</p><p>2014-11-25 01:17 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll</p><p>2014-11-25 01:17 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll</p><p>2014-11-25 01:17 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll</p><p>2014-11-24 22:21 - 2014-11-24 22:22 - 00000859 _____ () C:\Users\John\Downloads\Stinger_24112014_222121.html</p><p>2014-11-24 21:43 - 2014-11-25 21:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\McAfee TechCheck</p><p>2014-11-24 11:28 - 2014-11-24 11:28 - 04909382 _____ () C:\Users\John\Downloads\mbam-chameleon-3.1.7.0.zip</p><p>2014-11-24 11:27 - 2014-11-25 01:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit</p><p>2014-11-24 11:27 - 2014-11-24 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit</p><p>2014-11-24 00:02 - 2014-11-24 00:02 - 00007605 _____ () C:\Users\John\AppData\Local\resmon.resmoncfg</p><p>2014-11-21 23:04 - 2014-11-22 03:53 - 00003164 _____ () C:\Users\John\Downloads\Stinger_21112014_230447.html</p><p>2014-11-21 23:03 - 2014-11-21 23:03 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_230318.html</p><p>2014-11-21 22:56 - 2014-11-21 22:56 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_225609.html</p><p>2014-11-21 22:45 - 2014-11-21 22:45 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141121_224522.log</p><p>2014-11-21 00:43 - 2014-11-26 20:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2014-11-20 22:37 - 2014-11-20 22:37 - 90611712 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit</p><p>2014-11-20 22:37 - 2014-11-20 22:37 - 00319488 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit</p><p>2014-11-20 22:37 - 2014-11-20 22:37 - 00061440 _____ () C:\WINDOWS\system32\config\SAM.iobit</p><p>2014-11-20 22:37 - 2014-11-20 22:37 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit</p><p>2014-11-20 12:36 - 2014-11-20 12:40 - 00000863 _____ () C:\Users\John\Downloads\Stinger_20112014_123632.html</p><p>2014-11-19 10:21 - 2014-11-24 18:25 - 00000000 ____D () C:\Users\John\Documents\Security Scan Nov 19, 21, 22, 24 2014</p><p>2014-11-19 01:27 - 2014-11-19 05:04 - 00001516 _____ () C:\Users\John\Downloads\Stinger_19112014_012703.html</p><p>2014-11-18 09:18 - 2014-11-18 09:18 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}</p><p>2014-11-17 22:01 - 2014-11-18 09:18 - 00000000 ____D () C:\Users\John\Documents\Kindle Order Nov 2104</p><p>2014-11-17 09:31 - 2014-11-17 09:31 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieBrowserModeList</p><p>2014-11-17 09:02 - 2014-11-20 20:51 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe</p><p>2014-11-17 09:02 - 2014-11-20 20:51 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl</p><p>2014-11-12 23:02 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys</p><p>2014-11-12 23:02 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys</p><p>2014-11-12 23:02 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys</p><p>2014-11-12 23:02 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll</p><p>2014-11-12 23:02 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll</p><p>2014-11-12 23:02 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll</p><p>2014-11-12 23:02 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll</p><p>2014-11-12 23:02 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll</p><p>2014-11-12 23:02 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll</p><p>2014-11-12 23:02 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll</p><p>2014-11-12 23:02 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll</p><p>2014-11-12 23:02 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll</p><p>2014-11-12 23:02 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll</p><p>2014-11-12 23:01 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe</p><p>2014-11-12 23:01 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll</p><p>2014-11-12 23:01 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll</p><p>2014-11-12 23:01 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe</p><p>2014-11-12 23:01 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe</p><p>2014-11-12 23:01 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll</p><p>2014-11-12 23:01 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll</p><p>2014-11-12 23:01 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll</p><p>2014-11-12 23:01 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe</p><p>2014-11-12 23:01 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll</p><p>2014-11-12 23:01 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll</p><p>2014-11-12 23:01 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll</p><p>2014-11-12 23:01 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll</p><p>2014-11-12 23:01 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll</p><p>2014-11-12 23:01 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll</p><p>2014-11-12 23:01 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll</p><p>2014-11-12 23:00 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll</p><p>2014-11-12 23:00 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll</p><p>2014-11-12 23:00 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys</p><p>2014-11-12 23:00 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys</p><p>2014-11-12 23:00 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys</p><p>2014-11-12 23:00 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll</p><p>2014-11-12 23:00 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll</p><p>2014-11-12 23:00 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe</p><p>2014-11-12 22:59 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe</p><p>2014-11-12 22:59 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe</p><p>2014-11-12 22:59 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe</p><p>2014-11-12 22:59 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec</p><p>2014-11-12 22:59 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe</p><p>2014-11-12 22:59 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe</p><p>2014-11-12 22:59 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx</p><p>2014-11-12 22:59 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe</p><p>2014-11-12 22:59 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl</p><p>2014-11-12 22:59 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec</p><p>2014-11-12 22:59 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx</p><p>2014-11-12 22:59 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl</p><p>2014-11-12 22:59 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll</p><p>2014-11-12 22:58 - 2014-11-04 23:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll</p><p>2014-11-12 22:58 - 2014-11-04 00:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll</p><p>2014-11-12 22:58 - 2014-10-31 04:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll</p><p>2014-11-12 22:58 - 2014-10-31 04:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll</p><p>2014-11-12 22:58 - 2014-10-31 04:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll</p><p>2014-11-12 22:58 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll</p><p>2014-11-12 22:58 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll</p><p>2014-11-12 22:58 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll</p><p>2014-11-12 22:58 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll</p><p>2014-11-12 22:58 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll</p><p>2014-11-12 22:58 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe</p><p>2014-11-12 22:58 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll</p><p>2014-11-12 22:58 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll</p><p>2014-11-12 22:58 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll</p><p>2014-11-12 22:58 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll</p><p>2014-11-12 22:58 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys</p><p>2014-11-12 22:58 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll</p><p>2014-11-12 22:58 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll</p><p>2014-11-12 22:58 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys</p><p>2014-11-12 22:58 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys</p><p>2014-11-12 22:58 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS</p><p>2014-11-12 22:58 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml</p><p>2014-11-12 22:58 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll</p><p>2014-11-12 22:58 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll</p><p>2014-11-12 22:58 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll</p><p>2014-11-12 22:58 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll</p><p>2014-11-12 22:58 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll</p><p>2014-11-12 22:58 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll</p><p>2014-11-12 22:58 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS</p><p>2014-11-12 22:58 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll</p><p>2014-11-12 22:58 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll</p><p>2014-11-12 22:58 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll</p><p>2014-11-12 22:58 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll</p><p>2014-11-12 22:58 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll</p><p>2014-11-12 22:58 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll</p><p>2014-11-12 22:58 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll</p><p>2014-11-12 22:58 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe</p><p>2014-11-12 22:58 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll</p><p>2014-11-12 22:58 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll</p><p>2014-11-12 22:58 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll</p><p>2014-11-12 22:58 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll</p><p>2014-11-12 22:58 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll</p><p>2014-11-12 22:58 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll</p><p>2014-11-12 22:58 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll</p><p>2014-11-12 22:58 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll</p><p>2014-11-12 22:58 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll</p><p>2014-11-09 03:26 - 2014-11-09 03:26 - 00001502 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Calculator.lnk</p><p>==================== One Month Modified Files and Folders =======</p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p>2014-11-27 10:56 - 2013-07-12 10:52 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job</p><p>2014-11-27 10:36 - 2013-05-25 10:38 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2014-11-27 10:09 - 2013-07-17 22:04 - 00000112 ___RH () C:\Users\John\Downloads\Stinger.opt</p><p>2014-11-27 10:07 - 2013-07-17 20:34 - 00000000 ____D () C:\Stinger_Quarantine</p><p>2014-11-27 10:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru</p><p>2014-11-27 09:49 - 2013-05-25 10:15 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2736297338-2421970953-1943868259-1001</p><p>2014-11-27 08:50 - 2013-11-20 19:40 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DC2320E-BD55-4A81-9C75-67447304AC13}</p><p>2014-11-27 08:50 - 2013-09-30 04:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI</p><p>2014-11-27 08:50 - 2013-07-09 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee</p><p>2014-11-27 08:49 - 2013-11-19 10:40 - 01068154 _____ () C:\WINDOWS\WindowsUpdate.log</p><p>2014-11-27 08:48 - 2013-07-08 10:56 - 00000000 __RSD () C:\Users\John\Documents\McAfee Vaults</p><p>2014-11-27 08:46 - 2014-05-09 18:14 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55.job</p><p>2014-11-27 08:46 - 2014-03-22 13:12 - 00000000 ___DO () C:\Users\John\SkyDrive</p><p>2014-11-27 08:45 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT</p><p>2014-11-27 02:42 - 2013-08-22 13:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI</p><p>2014-11-26 23:24 - 2014-06-28 06:38 - 00001300 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk</p><p>2014-11-26 18:08 - 2013-05-25 10:06 - 00000000 ____D () C:\WINDOWS\pss</p><p>2014-11-26 17:45 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM</p><p>2014-11-25 22:52 - 2014-06-02 08:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan</p><p>2014-11-25 22:39 - 2013-05-25 10:09 - 00000000 ____D () C:\Users\John\Documents\Bluetooth Folder</p><p>2014-11-25 22:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness</p><p>2014-11-25 21:42 - 2013-11-22 19:51 - 00001984 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk</p><p>2014-11-25 21:42 - 2013-07-09 08:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan</p><p>2014-11-25 20:02 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp</p><p>2014-11-25 20:00 - 2014-09-05 07:55 - 00000000 ___RD () C:\Program Files (x86)\Skype</p><p>2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype</p><p>2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\ProgramData\Skype</p><p>2014-11-25 19:56 - 2013-07-12 10:52 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater</p><p>2014-11-25 17:32 - 2014-01-03 22:36 - 00000000 ____D () C:\ProgramData\Oracle</p><p>2014-11-25 16:11 - 2013-12-07 09:30 - 00000000 ____D () C:\ProgramData\ProductData</p><p>2014-11-25 02:14 - 2013-05-25 10:04 - 00000000 ____D () C:\Users\John\AppData\Local\Packages</p><p>2014-11-25 02:09 - 2014-09-27 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox</p><p>2014-11-25 01:50 - 2013-07-08 22:45 - 00000000 ____D () C:\Program Files (x86)\McAfee</p><p>2014-11-25 01:47 - 2013-05-25 10:05 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps</p><p>2014-11-25 01:44 - 2013-05-25 12:10 - 00000000 ____D () C:\Users\John\AppData\Roaming\WildTangent</p><p>2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games</p><p>2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\ProgramData\WildTangent</p><p>2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\Program Files (x86)\WildGames</p><p>2014-11-25 01:37 - 2013-07-12 10:58 - 00000000 ____D () C:\WINDOWS\system32\MRT</p><p>2014-11-25 01:33 - 2013-05-27 12:19 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe</p><p>2014-11-25 01:02 - 2013-11-19 10:17 - 00000000 ____D () C:\Users\John</p><p>2014-11-25 01:01 - 2014-02-10 17:31 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite</p><p>2014-11-25 00:59 - 2013-10-15 02:44 - 00000000 ____D () C:\Users\John\AppData\Roaming\vlc</p><p>2014-11-25 00:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender</p><p>2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep</p><p>2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing</p><p>2014-11-25 00:57 - 2014-08-05 06:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8</p><p>2014-11-25 00:57 - 2014-02-10 18:11 - 00000000 ____D () C:\ProgramData\Atheros</p><p>2014-11-25 00:57 - 2013-07-17 20:33 - 00000000 ____D () C:\Program Files (x86)\stinger</p><p>2014-11-25 00:57 - 2013-06-04 20:59 - 00000000 ____D () C:\ProgramData\IObit</p><p>2014-11-25 00:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration</p><p>2014-11-25 00:35 - 2013-12-07 09:30 - 00000000 ____D () C:\Users\John\AppData\Roaming\IObit</p><p>2014-11-25 00:31 - 2013-11-16 20:55 - 00000000 ____D () C:\Users\John\AppData\Local\Mozilla</p><p>2014-11-25 00:26 - 2013-06-04 20:59 - 00000000 ____D () C:\Program Files (x86)\IObit</p><p>2014-11-24 22:47 - 2014-10-25 07:45 - 00000000 ____D () C:\Users\John\Documents\JK's Docs</p><p>2014-11-21 14:29 - 2014-09-01 20:52 - 00000000 ____D () C:\Users\John\Documents\Kevin Jenkins</p><p>2014-11-20 23:08 - 2014-07-28 16:40 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak38</p><p>2014-11-19 11:58 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated</p><p>2014-11-19 10:24 - 2014-10-25 07:46 - 00082432 ___SH () C:\Users\John\Documents\Thumbs.db</p><p>2014-11-18 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF</p><p>2014-11-18 09:26 - 2013-11-19 18:09 - 00000000 ___DC () C:\WINDOWS\Panther</p><p>2014-11-18 09:25 - 2013-06-02 18:52 - 00000000 ____D () C:\Users\John\Tracing</p><p>2014-11-17 12:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache</p><p>2014-11-17 09:01 - 2013-08-22 14:44 - 00503088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT</p><p>2014-11-15 13:26 - 2014-07-13 21:40 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel</p><p>2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools</p><p>2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools</p><p>2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender</p><p>2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData</p><p>2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel</p><p>2014-11-15 11:45 - 2014-10-21 16:42 - 00000000 ____D () C:\Users\John\Documents\CBA share valuations</p><p>2014-11-15 00:58 - 2013-06-11 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help</p><p>2014-11-14 12:31 - 2014-05-09 18:14 - 00003666 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55</p><p>2014-11-14 12:31 - 2013-05-25 10:38 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA</p><p>2014-11-09 21:14 - 2013-12-22 16:25 - 00000000 ____D () C:\ProgramData\Package Cache</p><p>2014-11-09 21:13 - 2014-10-25 09:30 - 00000000 ____D () C:\ProgramData\Adguard</p><p>2014-10-30 11:25 - 2013-08-17 18:34 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe</p><p>Files to move or delete:</p><p>====================</p><p>C:\ProgramData\fontcacheev1.dat</p><p></p><p>Some content of TEMP:</p><p>====================</p><p>C:\Users\John\AppData\Local\Temp\dllnt_dump.dll</p><p>C:\Users\John\AppData\Local\Temp\Quarantine.exe</p><p>C:\Users\John\AppData\Local\Temp\sqlite3.dll</p><p></p><p>==================== Bamital & volsnap Check =================</p><p>(There is no automatic fix for files that do not pass verification.)</p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p>LastRegBack: 2014-11-27 09:49</p><p>==================== End Of Log ============================</p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01</p><p>Ran by John (administrator) on JAYKAYSVAIO on 27-11-2014 10:56:33</p><p>Running from C:\Users\John\Downloads</p><p>Loaded Profile: John (Available profiles: John)</p><p>Platform: Windows 8.1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p>==================== Processes (Whitelisted) =================</p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p>(AMD) C:\Windows\System32\atiesrxx.exe</p><p>(AMD) C:\Windows\System32\atieclxx.exe</p><p>(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dasHost.exe</p><p>(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe</p><p>(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe</p><p>(McAfee, Inc.) C:\Windows\System32\mfevtps.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe</p><p>(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe</p><p>(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe</p><p>(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</p><p>(Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe</p><p>(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe</p><p>(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe</p><p>(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe</p><p>(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe</p><p>() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe</p><p>(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe</p><p>(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe</p><p>(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe</p><p>(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe</p><p>() C:\Program Files\Sony\VAIO Care\listener.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe</p><p>(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe</p><p>(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe</p><p>(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe</p><p>(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe</p><p>(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe</p><p>(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p></p><p>==================== Registry (Whitelisted) ==================</p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p>HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)</p><p>HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)</p><p>HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)</p><p>HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)</p><p>HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)</p><p>HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)</p><p>HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)</p><p>HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.)</p><p>HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-01-21] (BlackBerry Limited)</p><p>HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4484608 2014-01-22] (Research In Motion Limited)</p><p>HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)</p><p>Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)</p><p>HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))</p><p>HKLM\...\Policies\Explorer: [NoControlPanel] 0</p><p>HKLM\...\Policies\Explorer: [NoFolderOptions] 0</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1464336 2014-02-03] (Research In Motion)</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\MountPoints2: {3edd7706-c191-11e3-802b-b8763ff59eea} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\start.exe</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk</p><p>ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (McAfee, Inc.)</p><p>ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File</p><p>ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File</p><p>ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File</p><p>ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File</p><p>ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File</p><p>ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File</p><p>BootExecute: autocheck autochk *</p><p>==================== Internet (Whitelisted) ====================</p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://google.com/" target="_blank">http://google.com/</a></p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://sony13.msn.com" target="_blank">http://sony13.msn.com</a></p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = <a href="http://vaioportal.sony.eu" target="_blank">http://vaioportal.sony.eu</a></p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = <a href="http://www.msn.com/en-gb/?ocid=iehp" target="_blank">http://www.msn.com/en-gb/?ocid=iehp</a></p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB</p><p>HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBEAFA000D109D001</p><p>HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank</p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank</p><p>SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = </p><p>SearchScopes: HKU\.DEFAULT -> DefaultScope {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = <a href="http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms" target="_blank">http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms</a>}</p><p>SearchScopes: HKU\.DEFAULT -> {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = <a href="http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms" target="_blank">http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms</a>}</p><p>SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> DefaultScope {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = <a href="https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms" target="_blank">https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms</a>}</p><p>SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = <a href="https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms" target="_blank">https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms</a>}</p><p>SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {4BA09C6D-3C77-9D14-BC01-149374DBEC04} URL = </p><p>BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)</p><p>BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.10.106\McAfeeMSS_IE.dll (McAfee, Inc.)</p><p>BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)</p><p>Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)</p><p>Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)</p><p>Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)</p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default</p><p>FF DefaultSearchEngine: Secure Search</p><p>FF SearchEngineOrder.1: Secure Search</p><p>FF SelectedSearchEngine: Secure Search</p><p>FF Keyword.URL: <a href="https://uk.search.yahoo.com/search?fr=mcafee&type=B111GB649D20140729&p" target="_blank">https://uk.search.yahoo.com/search?fr=mcafee&type=B111GB649D20140729&p</a>=</p><p>FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()</p><p>FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)</p><p>FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)</p><p>FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()</p><p>FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)</p><p>FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml</p><p>FF Extension: Advanced SystemCare Surfing Protection - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\<a href="mailto:iobitascsurfingprotection@iobit.com">iobitascsurfingprotection@iobit.com</a> [2014-11-18]</p><p>FF Extension: Yahoo Community Smartbar - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{dd312948-01f6-4288-9a59-3368f4f55bdf} [2014-07-03]</p><p>FF Extension: Adblock Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-16]</p><p>FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor</p><p>FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-08]</p><p>FF HKLM-x32\...\Thunderbird\Extensions: [<a href="mailto:msktbird@mcafee.com">msktbird@mcafee.com</a>] - C:\Program Files\McAfee\MSK</p><p>FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-08]</p><p>FF HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi</p><p>FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-10-27]</p><p>FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]</p><p>Chrome: </p><p>=======</p><p>CHR DefaultSearchKeyword: Default -> mcafee</p><p>CHR DefaultSearchURL: Default -> <a href="https://uk.search.yahoo.com/search?fr=mcafee&type=B211GB649D20140729&p={searchTerms" target="_blank">https://uk.search.yahoo.com/search?fr=mcafee&type=B211GB649D20140729&p={searchTerms</a>}</p><p>CHR DefaultSuggestURL: Default -> </p><p>CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default</p><p>CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]</p><p>CHR Extension: (SiteAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-07-08]</p><p>CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07]</p><p>CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-25]</p><p>==================== Services (Whitelisted) =================</p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p>R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)</p><p>S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)</p><p>R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]</p><p>R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)</p><p>R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)</p><p>R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)</p><p>R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)</p><p>R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [156904 2014-11-13] (McAfee, Inc.)</p><p>R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)</p><p>S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.10.106\McCHSvc.exe [289256 2014-11-04] (McAfee, Inc.)</p><p>R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)</p><p>R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-07] (McAfee, Inc.)</p><p>R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)</p><p>R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)</p><p>R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)</p><p>R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)</p><p>S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)</p><p>R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)</p><p>R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-01-22] (Apple Inc.) [File not signed]</p><p>R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1309696 2014-01-22] (Research In Motion Limited) [File not signed]</p><p>R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)</p><p>R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)</p><p>S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)</p><p>S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]</p><p>R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)</p><p>S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)</p><p>S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)</p><p>R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]</p><p>==================== Drivers (Whitelisted) ====================</p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p>R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)</p><p>S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)</p><p>S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)</p><p>S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)</p><p>R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)</p><p>R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)</p><p>S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)</p><p>R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-08-26] (McAfee, Inc.)</p><p>R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)</p><p>R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-07] (McAfee, Inc.)</p><p>R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)</p><p>S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)</p><p>R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)</p><p>R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)</p><p>R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)</p><p>S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)</p><p>R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)</p><p>S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)</p><p>R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-01-22] (Research in Motion Limited)</p><p>R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)</p><p>R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-16] ()</p><p>R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)</p><p>R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)</p><p>S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-28] ()</p><p>S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)</p><p>S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)</p><p>S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]</p><p>S0 mferkdet; \SystemRoot\system32\drivers\mferkdet.sys [X]</p><p>S3 MFE_RR; \??\C:\Users\John\AppData\Local\Temp\mfe_rr.sys [X]</p><p>==================== NetSvcs (Whitelisted) ===================</p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p>==================== One Month Created Files and Folders ========</p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p>2014-11-27 10:56 - 2014-11-27 10:56 - 00025960 _____ () C:\Users\John\Downloads\FRST.txt</p><p>2014-11-27 10:55 - 2014-11-27 10:56 - 00000000 ____D () C:\FRST</p><p>2014-11-27 10:55 - 2014-11-27 10:55 - 02117632 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe</p><p>2014-11-27 10:10 - 2014-11-27 10:11 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141127_101059.log</p><p>2014-11-27 10:10 - 2014-11-27 10:10 - 00783120 _____ (McAfee, Inc.) C:\Users\John\Downloads\rootkitremover.exe</p><p>2014-11-27 10:08 - 2014-11-27 10:09 - 00000855 _____ () C:\Users\John\Downloads\Stinger_27112014_100816.html</p><p>2014-11-27 10:04 - 2014-11-27 10:09 - 00000000 ____D () C:\Program Files\stinger</p><p>2014-11-27 10:04 - 2014-11-27 10:06 - 00000978 _____ () C:\Users\John\Downloads\Stinger_27112014_100425.html</p><p>2014-11-27 10:03 - 2014-11-27 10:03 - 12484464 _____ (McAfee Inc) C:\Users\John\Downloads\stinger64.exe</p><p>2014-11-26 23:21 - 2014-11-26 23:24 - 00000000 ____D () C:\AdwCleaner</p><p>2014-11-26 23:15 - 2014-11-26 23:19 - 00000755 _____ () C:\Users\John\Desktop\Start Emsisoft Emergency Kit.lnk</p><p>2014-11-26 23:14 - 2014-11-26 23:18 - 00000000 ____D () C:\EEK</p><p>2014-11-26 23:13 - 2014-11-26 23:14 - 159691800 _____ () C:\Users\John\Downloads\EmsisoftEmergencyKit.exe</p><p>2014-11-26 23:00 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\HitmanPro</p><p>2014-11-26 22:59 - 2014-11-26 22:59 - 11222744 _____ (SurfRight B.V.) C:\Users\John\Downloads\HitmanPro_x64.exe</p><p>2014-11-26 22:58 - 2014-11-26 22:58 - 06045272 _____ () C:\Users\John\Downloads\RogueKiller_old.exe</p><p>2014-11-26 22:57 - 2014-11-26 22:57 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64 (1).exe</p><p>2014-11-26 22:07 - 2014-11-26 22:07 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys</p><p>2014-11-26 22:07 - 2014-11-26 22:07 - 00000000 ____D () C:\ProgramData\RogueKiller</p><p>2014-11-26 22:06 - 2014-11-26 22:06 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64.exe</p><p>2014-11-26 20:19 - 2014-11-26 23:25 - 00000698 _____ () C:\WINDOWS\PFRO.log</p><p>2014-11-26 19:53 - 2014-11-27 02:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-11-26 19:53 - 2014-11-26 20:53 - 00001134 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2014-11-26 19:53 - 2014-11-26 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2014-11-26 19:53 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys</p><p>2014-11-26 19:53 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys</p><p>2014-11-26 19:53 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys</p><p>2014-11-26 19:51 - 2014-11-26 19:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\DAD.exe</p><p>2014-11-26 19:21 - 2014-11-26 19:27 - 05514984 _____ () C:\Users\John\Desktop\Rkill.txt</p><p>2014-11-26 19:16 - 2014-11-26 19:16 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\John\Downloads\iExplore.exe</p><p>2014-11-26 13:00 - 2014-11-26 13:01 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\John\Downloads\tdsskiller.exe</p><p>2014-11-26 12:58 - 2014-11-26 12:58 - 00000077 ___RH () C:\Users\John\Downloads\GetSusp.opt</p><p>2014-11-26 12:54 - 2014-11-26 12:54 - 02191924 _____ () C:\Users\John\Downloads\gsusp_4B50C87A07AE_112614_125438.zip</p><p>2014-11-26 12:53 - 2014-11-26 12:54 - 00001160 _____ () C:\Users\John\Downloads\GetSusp.xml</p><p>2014-11-26 12:51 - 2014-11-26 12:51 - 01579552 _____ (McAfee Inc.) C:\Users\John\Downloads\getsusp.exe</p><p>2014-11-26 12:33 - 2014-11-26 12:33 - 04163057 _____ () C:\Users\John\Downloads\tdsskiller.zip</p><p>2014-11-26 10:54 - 2014-11-26 10:55 - 122877696 _____ (Microsoft Corporation) C:\Users\John\Downloads\msert (2).exe</p><p>2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setuperr.log</p><p>2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setupact.log</p><p>2014-11-25 21:48 - 2014-11-25 21:48 - 03159112 _____ () C:\Users\John\Downloads\McAfee_TechCheck.exe</p><p>2014-11-25 21:42 - 2014-11-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus</p><p>2014-11-25 21:41 - 2014-11-25 21:41 - 08423856 _____ (McAfee, Inc.) C:\Users\John\Downloads\SecurityScan_Release (1).exe</p><p>2014-11-25 17:31 - 2014-11-25 17:31 - 00000000 ____D () C:\Program Files (x86)\Java</p><p>2014-11-25 08:31 - 2014-11-25 08:31 - 00063680 _____ () C:\Users\John\Downloads\ModifyCntxtId.exe</p><p>2014-11-25 02:09 - 2014-11-25 02:09 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk</p><p>2014-11-25 02:09 - 2014-11-25 02:09 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk</p><p>2014-11-25 02:09 - 2014-11-25 02:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service</p><p>2014-11-25 02:07 - 2014-11-25 02:07 - 00244120 _____ () C:\Users\John\Downloads\Firefox Setup Stub 33.1.1.exe</p><p>2014-11-25 01:17 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll</p><p>2014-11-25 01:17 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll</p><p>2014-11-25 01:17 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll</p><p>2014-11-25 01:17 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll</p><p>2014-11-24 22:21 - 2014-11-24 22:22 - 00000859 _____ () C:\Users\John\Downloads\Stinger_24112014_222121.html</p><p>2014-11-24 21:43 - 2014-11-25 21:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\McAfee TechCheck</p><p>2014-11-24 11:28 - 2014-11-24 11:28 - 04909382 _____ () C:\Users\John\Downloads\mbam-chameleon-3.1.7.0.zip</p><p>2014-11-24 11:27 - 2014-11-25 01:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit</p><p>2014-11-24 11:27 - 2014-11-24 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit</p><p>2014-11-24 00:02 - 2014-11-24 00:02 - 00007605 _____ () C:\Users\John\AppData\Local\resmon.resmoncfg</p><p>2014-11-21 23:04 - 2014-11-22 03:53 - 00003164 _____ () C:\Users\John\Downloads\Stinger_21112014_230447.html</p><p>2014-11-21 23:03 - 2014-11-21 23:03 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_230318.html</p><p>2014-11-21 22:56 - 2014-11-21 22:56 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_225609.html</p><p>2014-11-21 22:45 - 2014-11-21 22:45 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141121_224522.log</p><p>2014-11-21 00:43 - 2014-11-26 20:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2014-11-20 22:37 - 2014-11-20 22:37 - 90611712 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit</p><p>2014-11-20 22:37 - 2014-11-20 22:37 - 00319488 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit</p><p>2014-11-20 22:37 - 2014-11-20 22:37 - 00061440 _____ () C:\WINDOWS\system32\config\SAM.iobit</p><p>2014-11-20 22:37 - 2014-11-20 22:37 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit</p><p>2014-11-20 12:36 - 2014-11-20 12:40 - 00000863 _____ () C:\Users\John\Downloads\Stinger_20112014_123632.html</p><p>2014-11-19 10:21 - 2014-11-24 18:25 - 00000000 ____D () C:\Users\John\Documents\Security Scan Nov 19, 21, 22, 24 2014</p><p>2014-11-19 01:27 - 2014-11-19 05:04 - 00001516 _____ () C:\Users\John\Downloads\Stinger_19112014_012703.html</p><p>2014-11-18 09:18 - 2014-11-18 09:18 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}</p><p>2014-11-17 22:01 - 2014-11-18 09:18 - 00000000 ____D () C:\Users\John\Documents\Kindle Order Nov 2104</p><p>2014-11-17 09:31 - 2014-11-17 09:31 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieBrowserModeList</p><p>2014-11-17 09:02 - 2014-11-20 20:51 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe</p><p>2014-11-17 09:02 - 2014-11-20 20:51 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl</p><p>2014-11-12 23:02 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys</p><p>2014-11-12 23:02 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys</p><p>2014-11-12 23:02 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys</p><p>2014-11-12 23:02 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll</p><p>2014-11-12 23:02 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll</p><p>2014-11-12 23:02 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll</p><p>2014-11-12 23:02 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll</p><p>2014-11-12 23:02 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll</p><p>2014-11-12 23:02 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll</p><p>2014-11-12 23:02 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll</p><p>2014-11-12 23:02 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll</p><p>2014-11-12 23:02 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll</p><p>2014-11-12 23:02 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll</p><p>2014-11-12 23:02 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll</p><p>2014-11-12 23:01 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe</p><p>2014-11-12 23:01 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll</p><p>2014-11-12 23:01 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll</p><p>2014-11-12 23:01 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe</p><p>2014-11-12 23:01 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe</p><p>2014-11-12 23:01 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll</p><p>2014-11-12 23:01 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll</p><p>2014-11-12 23:01 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll</p><p>2014-11-12 23:01 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll</p><p>2014-11-12 23:01 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe</p><p>2014-11-12 23:01 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll</p><p>2014-11-12 23:01 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll</p><p>2014-11-12 23:01 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll</p><p>2014-11-12 23:01 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll</p><p>2014-11-12 23:01 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll</p><p>2014-11-12 23:01 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll</p><p>2014-11-12 23:01 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll</p><p>2014-11-12 23:00 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll</p><p>2014-11-12 23:00 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll</p><p>2014-11-12 23:00 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys</p><p>2014-11-12 23:00 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys</p><p>2014-11-12 23:00 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys</p><p>2014-11-12 23:00 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll</p><p>2014-11-12 23:00 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll</p><p>2014-11-12 23:00 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe</p><p>2014-11-12 22:59 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe</p><p>2014-11-12 22:59 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe</p><p>2014-11-12 22:59 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe</p><p>2014-11-12 22:59 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll</p><p>2014-11-12 22:59 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec</p><p>2014-11-12 22:59 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe</p><p>2014-11-12 22:59 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe</p><p>2014-11-12 22:59 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx</p><p>2014-11-12 22:59 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll</p><p>2014-11-12 22:59 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe</p><p>2014-11-12 22:59 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl</p><p>2014-11-12 22:59 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec</p><p>2014-11-12 22:59 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe</p><p>2014-11-12 22:59 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll</p><p>2014-11-12 22:59 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx</p><p>2014-11-12 22:59 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl</p><p>2014-11-12 22:59 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll</p><p>2014-11-12 22:59 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll</p><p>2014-11-12 22:58 - 2014-11-04 23:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll</p><p>2014-11-12 22:58 - 2014-11-04 00:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll</p><p>2014-11-12 22:58 - 2014-10-31 04:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll</p><p>2014-11-12 22:58 - 2014-10-31 04:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll</p><p>2014-11-12 22:58 - 2014-10-31 04:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll</p><p>2014-11-12 22:58 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll</p><p>2014-11-12 22:58 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll</p><p>2014-11-12 22:58 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll</p><p>2014-11-12 22:58 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll</p><p>2014-11-12 22:58 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll</p><p>2014-11-12 22:58 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe</p><p>2014-11-12 22:58 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll</p><p>2014-11-12 22:58 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll</p><p>2014-11-12 22:58 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll</p><p>2014-11-12 22:58 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll</p><p>2014-11-12 22:58 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys</p><p>2014-11-12 22:58 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll</p><p>2014-11-12 22:58 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll</p><p>2014-11-12 22:58 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys</p><p>2014-11-12 22:58 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys</p><p>2014-11-12 22:58 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS</p><p>2014-11-12 22:58 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml</p><p>2014-11-12 22:58 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll</p><p>2014-11-12 22:58 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll</p><p>2014-11-12 22:58 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll</p><p>2014-11-12 22:58 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll</p><p>2014-11-12 22:58 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll</p><p>2014-11-12 22:58 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll</p><p>2014-11-12 22:58 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS</p><p>2014-11-12 22:58 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll</p><p>2014-11-12 22:58 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll</p><p>2014-11-12 22:58 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll</p><p>2014-11-12 22:58 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll</p><p>2014-11-12 22:58 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll</p><p>2014-11-12 22:58 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll</p><p>2014-11-12 22:58 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll</p><p>2014-11-12 22:58 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe</p><p>2014-11-12 22:58 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll</p><p>2014-11-12 22:58 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll</p><p>2014-11-12 22:58 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll</p><p>2014-11-12 22:58 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll</p><p>2014-11-12 22:58 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll</p><p>2014-11-12 22:58 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll</p><p>2014-11-12 22:58 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll</p><p>2014-11-12 22:58 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll</p><p>2014-11-12 22:58 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll</p><p>2014-11-09 03:26 - 2014-11-09 03:26 - 00001502 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Calculator.lnk</p><p>==================== One Month Modified Files and Folders =======</p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p>2014-11-27 10:56 - 2013-07-12 10:52 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job</p><p>2014-11-27 10:36 - 2013-05-25 10:38 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2014-11-27 10:09 - 2013-07-17 22:04 - 00000112 ___RH () C:\Users\John\Downloads\Stinger.opt</p><p>2014-11-27 10:07 - 2013-07-17 20:34 - 00000000 ____D () C:\Stinger_Quarantine</p><p>2014-11-27 10:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru</p><p>2014-11-27 09:49 - 2013-05-25 10:15 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2736297338-2421970953-1943868259-1001</p><p>2014-11-27 08:50 - 2013-11-20 19:40 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DC2320E-BD55-4A81-9C75-67447304AC13}</p><p>2014-11-27 08:50 - 2013-09-30 04:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI</p><p>2014-11-27 08:50 - 2013-07-09 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee</p><p>2014-11-27 08:49 - 2013-11-19 10:40 - 01068154 _____ () C:\WINDOWS\WindowsUpdate.log</p><p>2014-11-27 08:48 - 2013-07-08 10:56 - 00000000 __RSD () C:\Users\John\Documents\McAfee Vaults</p><p>2014-11-27 08:46 - 2014-05-09 18:14 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55.job</p><p>2014-11-27 08:46 - 2014-03-22 13:12 - 00000000 ___DO () C:\Users\John\SkyDrive</p><p>2014-11-27 08:45 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT</p><p>2014-11-27 02:42 - 2013-08-22 13:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI</p><p>2014-11-26 23:24 - 2014-06-28 06:38 - 00001300 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk</p><p>2014-11-26 18:08 - 2013-05-25 10:06 - 00000000 ____D () C:\WINDOWS\pss</p><p>2014-11-26 17:45 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM</p><p>2014-11-25 22:52 - 2014-06-02 08:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan</p><p>2014-11-25 22:39 - 2013-05-25 10:09 - 00000000 ____D () C:\Users\John\Documents\Bluetooth Folder</p><p>2014-11-25 22:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness</p><p>2014-11-25 21:42 - 2013-11-22 19:51 - 00001984 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk</p><p>2014-11-25 21:42 - 2013-07-09 08:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan</p><p>2014-11-25 20:02 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp</p><p>2014-11-25 20:00 - 2014-09-05 07:55 - 00000000 ___RD () C:\Program Files (x86)\Skype</p><p>2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype</p><p>2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\ProgramData\Skype</p><p>2014-11-25 19:56 - 2013-07-12 10:52 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater</p><p>2014-11-25 17:32 - 2014-01-03 22:36 - 00000000 ____D () C:\ProgramData\Oracle</p><p>2014-11-25 16:11 - 2013-12-07 09:30 - 00000000 ____D () C:\ProgramData\ProductData</p><p>2014-11-25 02:14 - 2013-05-25 10:04 - 00000000 ____D () C:\Users\John\AppData\Local\Packages</p><p>2014-11-25 02:09 - 2014-09-27 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox</p><p>2014-11-25 01:50 - 2013-07-08 22:45 - 00000000 ____D () C:\Program Files (x86)\McAfee</p><p>2014-11-25 01:47 - 2013-05-25 10:05 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps</p><p>2014-11-25 01:44 - 2013-05-25 12:10 - 00000000 ____D () C:\Users\John\AppData\Roaming\WildTangent</p><p>2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games</p><p>2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\ProgramData\WildTangent</p><p>2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\Program Files (x86)\WildGames</p><p>2014-11-25 01:37 - 2013-07-12 10:58 - 00000000 ____D () C:\WINDOWS\system32\MRT</p><p>2014-11-25 01:33 - 2013-05-27 12:19 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe</p><p>2014-11-25 01:02 - 2013-11-19 10:17 - 00000000 ____D () C:\Users\John</p><p>2014-11-25 01:01 - 2014-02-10 17:31 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite</p><p>2014-11-25 00:59 - 2013-10-15 02:44 - 00000000 ____D () C:\Users\John\AppData\Roaming\vlc</p><p>2014-11-25 00:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender</p><p>2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep</p><p>2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing</p><p>2014-11-25 00:57 - 2014-08-05 06:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8</p><p>2014-11-25 00:57 - 2014-02-10 18:11 - 00000000 ____D () C:\ProgramData\Atheros</p><p>2014-11-25 00:57 - 2013-07-17 20:33 - 00000000 ____D () C:\Program Files (x86)\stinger</p><p>2014-11-25 00:57 - 2013-06-04 20:59 - 00000000 ____D () C:\ProgramData\IObit</p><p>2014-11-25 00:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration</p><p>2014-11-25 00:35 - 2013-12-07 09:30 - 00000000 ____D () C:\Users\John\AppData\Roaming\IObit</p><p>2014-11-25 00:31 - 2013-11-16 20:55 - 00000000 ____D () C:\Users\John\AppData\Local\Mozilla</p><p>2014-11-25 00:26 - 2013-06-04 20:59 - 00000000 ____D () C:\Program Files (x86)\IObit</p><p>2014-11-24 22:47 - 2014-10-25 07:45 - 00000000 ____D () C:\Users\John\Documents\JK's Docs</p><p>2014-11-21 14:29 - 2014-09-01 20:52 - 00000000 ____D () C:\Users\John\Documents\Kevin Jenkins</p><p>2014-11-20 23:08 - 2014-07-28 16:40 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak38</p><p>2014-11-19 11:58 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated</p><p>2014-11-19 10:24 - 2014-10-25 07:46 - 00082432 ___SH () C:\Users\John\Documents\Thumbs.db</p><p>2014-11-18 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF</p><p>2014-11-18 09:26 - 2013-11-19 18:09 - 00000000 ___DC () C:\WINDOWS\Panther</p><p>2014-11-18 09:25 - 2013-06-02 18:52 - 00000000 ____D () C:\Users\John\Tracing</p><p>2014-11-17 12:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache</p><p>2014-11-17 09:01 - 2013-08-22 14:44 - 00503088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT</p><p>2014-11-15 13:26 - 2014-07-13 21:40 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel</p><p>2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools</p><p>2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools</p><p>2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender</p><p>2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData</p><p>2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel</p><p>2014-11-15 11:45 - 2014-10-21 16:42 - 00000000 ____D () C:\Users\John\Documents\CBA share valuations</p><p>2014-11-15 00:58 - 2013-06-11 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help</p><p>2014-11-14 12:31 - 2014-05-09 18:14 - 00003666 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55</p><p>2014-11-14 12:31 - 2013-05-25 10:38 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA</p><p>2014-11-09 21:14 - 2013-12-22 16:25 - 00000000 ____D () C:\ProgramData\Package Cache</p><p>2014-11-09 21:13 - 2014-10-25 09:30 - 00000000 ____D () C:\ProgramData\Adguard</p><p>2014-10-30 11:25 - 2013-08-17 18:34 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe</p><p>Files to move or delete:</p><p>====================</p><p>C:\ProgramData\fontcacheev1.dat</p><p></p><p>Some content of TEMP:</p><p>====================</p><p>C:\Users\John\AppData\Local\Temp\dllnt_dump.dll</p><p>C:\Users\John\AppData\Local\Temp\Quarantine.exe</p><p>C:\Users\John\AppData\Local\Temp\sqlite3.dll</p><p></p><p>==================== Bamital & volsnap Check =================</p><p>(There is no automatic fix for files that do not pass verification.)</p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p>LastRegBack: 2014-11-27 09:49</p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="Jaykay, post: 306456, member: 31193"] I ran AdwCleaner but can't find the report - I will run it again if I can't trace it ... although it didn't say anything. I also couldn't immediately find the link to aswMBR and will work on that later today and post both scan results to you. In the meantime here's the FRST scan logs: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01 Ran by John (administrator) on JAYKAYSVAIO on 27-11-2014 10:56:33 Running from C:\Users\John\Downloads Loaded Profile: John (Available profiles: John) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe () C:\Program Files\Sony\VAIO Care\listener.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.) HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-01-21] (BlackBerry Limited) HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4484608 2014-01-22] (Research In Motion Limited) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®)) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1464336 2014-02-03] (Research In Motion) HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\MountPoints2: {3edd7706-c191-11e3-802b-b8763ff59eea} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\start.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://google.com/[/url] HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://sony13.msn.com[/url] HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [url]http://vaioportal.sony.eu[/url] HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [url]http://www.msn.com/en-gb/?ocid=iehp[/url] HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBEAFA000D109D001 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = [url]http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms[/url]} SearchScopes: HKU\.DEFAULT -> {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = [url]http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms[/url]} SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> DefaultScope {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = [url]https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms[/url]} SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = [url]https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms[/url]} SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {4BA09C6D-3C77-9D14-BC01-149374DBEC04} URL = BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.10.106\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) FireFox: ======== FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default FF DefaultSearchEngine: Secure Search FF SearchEngineOrder.1: Secure Search FF SelectedSearchEngine: Secure Search FF Keyword.URL: [url]https://uk.search.yahoo.com/search?fr=mcafee&type=B111GB649D20140729&p[/url]= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF Extension: Advanced SystemCare Surfing Protection - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\[email]iobitascsurfingprotection@iobit.com[/email] [2014-11-18] FF Extension: Yahoo Community Smartbar - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{dd312948-01f6-4288-9a59-3368f4f55bdf} [2014-07-03] FF Extension: Adblock Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-16] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-08] FF HKLM-x32\...\Thunderbird\Extensions: [[email]msktbird@mcafee.com[/email]] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-08] FF HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-10-27] FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found] Chrome: ======= CHR DefaultSearchKeyword: Default -> mcafee CHR DefaultSearchURL: Default -> [url]https://uk.search.yahoo.com/search?fr=mcafee&type=B211GB649D20140729&p={searchTerms[/url]} CHR DefaultSuggestURL: Default -> CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29] CHR Extension: (SiteAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-07-08] CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-25] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.) R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed] R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [156904 2014-11-13] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.10.106\McCHSvc.exe [289256 2014-11-04] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-07] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation) R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-01-22] (Apple Inc.) [File not signed] R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1309696 2014-01-22] (Research In Motion Limited) [File not signed] R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation) R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros) S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-08-26] (McAfee, Inc.) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.) R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-07] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited) R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-01-22] (Research in Motion Limited) R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-16] () R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated) R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation) S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-28] () S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [20992 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X] S0 mferkdet; \SystemRoot\system32\drivers\mferkdet.sys [X] S3 MFE_RR; \??\C:\Users\John\AppData\Local\Temp\mfe_rr.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-27 10:56 - 2014-11-27 10:56 - 00025960 _____ () C:\Users\John\Downloads\FRST.txt 2014-11-27 10:55 - 2014-11-27 10:56 - 00000000 ____D () C:\FRST 2014-11-27 10:55 - 2014-11-27 10:55 - 02117632 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe 2014-11-27 10:10 - 2014-11-27 10:11 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141127_101059.log 2014-11-27 10:10 - 2014-11-27 10:10 - 00783120 _____ (McAfee, Inc.) C:\Users\John\Downloads\rootkitremover.exe 2014-11-27 10:08 - 2014-11-27 10:09 - 00000855 _____ () C:\Users\John\Downloads\Stinger_27112014_100816.html 2014-11-27 10:04 - 2014-11-27 10:09 - 00000000 ____D () C:\Program Files\stinger 2014-11-27 10:04 - 2014-11-27 10:06 - 00000978 _____ () C:\Users\John\Downloads\Stinger_27112014_100425.html 2014-11-27 10:03 - 2014-11-27 10:03 - 12484464 _____ (McAfee Inc) C:\Users\John\Downloads\stinger64.exe 2014-11-26 23:21 - 2014-11-26 23:24 - 00000000 ____D () C:\AdwCleaner 2014-11-26 23:15 - 2014-11-26 23:19 - 00000755 _____ () C:\Users\John\Desktop\Start Emsisoft Emergency Kit.lnk 2014-11-26 23:14 - 2014-11-26 23:18 - 00000000 ____D () C:\EEK 2014-11-26 23:13 - 2014-11-26 23:14 - 159691800 _____ () C:\Users\John\Downloads\EmsisoftEmergencyKit.exe 2014-11-26 23:00 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-11-26 22:59 - 2014-11-26 22:59 - 11222744 _____ (SurfRight B.V.) C:\Users\John\Downloads\HitmanPro_x64.exe 2014-11-26 22:58 - 2014-11-26 22:58 - 06045272 _____ () C:\Users\John\Downloads\RogueKiller_old.exe 2014-11-26 22:57 - 2014-11-26 22:57 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64 (1).exe 2014-11-26 22:07 - 2014-11-26 22:07 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys 2014-11-26 22:07 - 2014-11-26 22:07 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-11-26 22:06 - 2014-11-26 22:06 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64.exe 2014-11-26 20:19 - 2014-11-26 23:25 - 00000698 _____ () C:\WINDOWS\PFRO.log 2014-11-26 19:53 - 2014-11-27 02:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-11-26 19:53 - 2014-11-26 20:53 - 00001134 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-11-26 19:53 - 2014-11-26 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-11-26 19:53 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-11-26 19:53 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-11-26 19:53 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-11-26 19:51 - 2014-11-26 19:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\DAD.exe 2014-11-26 19:21 - 2014-11-26 19:27 - 05514984 _____ () C:\Users\John\Desktop\Rkill.txt 2014-11-26 19:16 - 2014-11-26 19:16 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\John\Downloads\iExplore.exe 2014-11-26 13:00 - 2014-11-26 13:01 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\John\Downloads\tdsskiller.exe 2014-11-26 12:58 - 2014-11-26 12:58 - 00000077 ___RH () C:\Users\John\Downloads\GetSusp.opt 2014-11-26 12:54 - 2014-11-26 12:54 - 02191924 _____ () C:\Users\John\Downloads\gsusp_4B50C87A07AE_112614_125438.zip 2014-11-26 12:53 - 2014-11-26 12:54 - 00001160 _____ () C:\Users\John\Downloads\GetSusp.xml 2014-11-26 12:51 - 2014-11-26 12:51 - 01579552 _____ (McAfee Inc.) C:\Users\John\Downloads\getsusp.exe 2014-11-26 12:33 - 2014-11-26 12:33 - 04163057 _____ () C:\Users\John\Downloads\tdsskiller.zip 2014-11-26 10:54 - 2014-11-26 10:55 - 122877696 _____ (Microsoft Corporation) C:\Users\John\Downloads\msert (2).exe 2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-11-25 21:48 - 2014-11-25 21:48 - 03159112 _____ () C:\Users\John\Downloads\McAfee_TechCheck.exe 2014-11-25 21:42 - 2014-11-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-11-25 21:41 - 2014-11-25 21:41 - 08423856 _____ (McAfee, Inc.) C:\Users\John\Downloads\SecurityScan_Release (1).exe 2014-11-25 17:31 - 2014-11-25 17:31 - 00000000 ____D () C:\Program Files (x86)\Java 2014-11-25 08:31 - 2014-11-25 08:31 - 00063680 _____ () C:\Users\John\Downloads\ModifyCntxtId.exe 2014-11-25 02:09 - 2014-11-25 02:09 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-11-25 02:09 - 2014-11-25 02:09 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-11-25 02:09 - 2014-11-25 02:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-25 02:07 - 2014-11-25 02:07 - 00244120 _____ () C:\Users\John\Downloads\Firefox Setup Stub 33.1.1.exe 2014-11-25 01:17 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2014-11-25 01:17 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2014-11-25 01:17 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2014-11-25 01:17 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2014-11-24 22:21 - 2014-11-24 22:22 - 00000859 _____ () C:\Users\John\Downloads\Stinger_24112014_222121.html 2014-11-24 21:43 - 2014-11-25 21:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\McAfee TechCheck 2014-11-24 11:28 - 2014-11-24 11:28 - 04909382 _____ () C:\Users\John\Downloads\mbam-chameleon-3.1.7.0.zip 2014-11-24 11:27 - 2014-11-25 01:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit 2014-11-24 11:27 - 2014-11-24 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit 2014-11-24 00:02 - 2014-11-24 00:02 - 00007605 _____ () C:\Users\John\AppData\Local\resmon.resmoncfg 2014-11-21 23:04 - 2014-11-22 03:53 - 00003164 _____ () C:\Users\John\Downloads\Stinger_21112014_230447.html 2014-11-21 23:03 - 2014-11-21 23:03 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_230318.html 2014-11-21 22:56 - 2014-11-21 22:56 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_225609.html 2014-11-21 22:45 - 2014-11-21 22:45 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141121_224522.log 2014-11-21 00:43 - 2014-11-26 20:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-20 22:37 - 2014-11-20 22:37 - 90611712 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit 2014-11-20 22:37 - 2014-11-20 22:37 - 00319488 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit 2014-11-20 22:37 - 2014-11-20 22:37 - 00061440 _____ () C:\WINDOWS\system32\config\SAM.iobit 2014-11-20 22:37 - 2014-11-20 22:37 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit 2014-11-20 12:36 - 2014-11-20 12:40 - 00000863 _____ () C:\Users\John\Downloads\Stinger_20112014_123632.html 2014-11-19 10:21 - 2014-11-24 18:25 - 00000000 ____D () C:\Users\John\Documents\Security Scan Nov 19, 21, 22, 24 2014 2014-11-19 01:27 - 2014-11-19 05:04 - 00001516 _____ () C:\Users\John\Downloads\Stinger_19112014_012703.html 2014-11-18 09:18 - 2014-11-18 09:18 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} 2014-11-17 22:01 - 2014-11-18 09:18 - 00000000 ____D () C:\Users\John\Documents\Kindle Order Nov 2104 2014-11-17 09:31 - 2014-11-17 09:31 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieBrowserModeList 2014-11-17 09:02 - 2014-11-20 20:51 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-11-17 09:02 - 2014-11-20 20:51 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-12 23:02 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2014-11-12 23:02 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2014-11-12 23:02 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-11-12 23:02 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-11-12 23:02 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll 2014-11-12 23:02 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2014-11-12 23:02 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2014-11-12 23:02 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-11-12 23:02 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-11-12 23:02 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll 2014-11-12 23:02 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-11-12 23:02 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-11-12 23:02 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-11-12 23:02 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2014-11-12 23:02 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2014-11-12 23:02 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2014-11-12 23:02 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2014-11-12 23:02 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2014-11-12 23:01 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-11-12 23:01 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-11-12 23:01 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2014-11-12 23:01 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2014-11-12 23:01 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll 2014-11-12 23:01 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-11-12 23:01 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-11-12 23:01 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-11-12 23:01 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-11-12 23:01 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-11-12 23:01 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-11-12 23:01 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-11-12 23:01 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-11-12 23:01 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-11-12 23:01 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-11-12 23:01 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-11-12 23:01 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-11-12 23:01 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-11-12 23:01 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2014-11-12 23:01 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-11-12 23:01 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-11-12 23:01 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-11-12 23:01 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2014-11-12 23:01 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2014-11-12 23:01 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-11-12 23:01 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-11-12 23:00 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-11-12 23:00 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2014-11-12 23:00 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-11-12 23:00 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-11-12 23:00 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-11-12 23:00 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2014-11-12 23:00 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2014-11-12 23:00 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2014-11-12 22:59 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe 2014-11-12 22:59 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe 2014-11-12 22:59 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe 2014-11-12 22:59 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll 2014-11-12 22:59 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe 2014-11-12 22:59 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-11-12 22:59 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll 2014-11-12 22:59 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-11-12 22:59 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-11-12 22:59 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-11-12 22:59 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-11-12 22:59 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-11-12 22:59 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-11-12 22:59 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-11-12 22:59 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll 2014-11-12 22:59 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2014-11-12 22:59 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2014-11-12 22:59 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-11-12 22:59 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-11-12 22:59 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-11-12 22:59 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-11-12 22:59 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-11-12 22:59 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll 2014-11-12 22:59 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-11-12 22:59 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-11-12 22:59 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll 2014-11-12 22:59 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2014-11-12 22:59 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2014-11-12 22:59 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-11-12 22:59 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-11-12 22:59 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll 2014-11-12 22:59 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-11-12 22:59 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-11-12 22:59 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll 2014-11-12 22:59 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-11-12 22:59 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-11-12 22:59 - 2014-10-31 04:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-11-12 22:59 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-11-12 22:59 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-11-12 22:59 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-11-12 22:59 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-11-12 22:59 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-11-12 22:59 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-11-12 22:59 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-11-12 22:59 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll 2014-11-12 22:59 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-11-12 22:59 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe 2014-11-12 22:59 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe 2014-11-12 22:59 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe 2014-11-12 22:59 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll 2014-11-12 22:59 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe 2014-11-12 22:59 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-11-12 22:59 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll 2014-11-12 22:59 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-11-12 22:59 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-11-12 22:59 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-11-12 22:59 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-11-12 22:59 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-11-12 22:59 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-11-12 22:59 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-11-12 22:59 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-11-12 22:59 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll 2014-11-12 22:59 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2014-11-12 22:59 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2014-11-12 22:59 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-11-12 22:59 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-11-12 22:59 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-11-12 22:59 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll 2014-11-12 22:59 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-11-12 22:59 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-12 22:59 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll 2014-11-12 22:59 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2014-11-12 22:59 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2014-11-12 22:59 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-11-12 22:59 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2014-11-12 22:59 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-11-12 22:59 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-11-12 22:59 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-11-12 22:59 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2014-11-12 22:59 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-11-12 22:59 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-11-12 22:59 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-11-12 22:59 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-11-12 22:59 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-11-12 22:59 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-11-12 22:59 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-11-12 22:59 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-11-12 22:59 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2014-11-12 22:59 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-11-12 22:59 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-11-12 22:59 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-11-12 22:58 - 2014-11-04 23:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-11-12 22:58 - 2014-11-04 00:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2014-11-12 22:58 - 2014-10-31 04:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2014-11-12 22:58 - 2014-10-31 04:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-11-12 22:58 - 2014-10-31 04:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-11-12 22:58 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-11-12 22:58 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-11-12 22:58 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2014-11-12 22:58 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2014-11-12 22:58 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2014-11-12 22:58 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2014-11-12 22:58 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2014-11-12 22:58 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2014-11-12 22:58 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-11-12 22:58 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2014-11-12 22:58 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-11-12 22:58 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2014-11-12 22:58 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-11-12 22:58 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2014-11-12 22:58 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-11-12 22:58 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-11-12 22:58 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-11-12 22:58 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-11-12 22:58 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-11-12 22:58 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-11-12 22:58 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-11-12 22:58 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2014-11-12 22:58 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2014-11-12 22:58 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-11-12 22:58 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-11-12 22:58 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-11-12 22:58 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll 2014-11-12 22:58 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll 2014-11-12 22:58 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-11-12 22:58 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll 2014-11-12 22:58 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-11-12 22:58 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-11-12 22:58 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2014-11-12 22:58 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-11-12 22:58 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-11-12 22:58 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-11-12 22:58 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-11-12 22:58 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-11-12 22:58 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-11-12 22:58 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2014-11-12 22:58 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2014-11-09 03:26 - 2014-11-09 03:26 - 00001502 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Calculator.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-27 10:56 - 2013-07-12 10:52 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-11-27 10:36 - 2013-05-25 10:38 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-27 10:09 - 2013-07-17 22:04 - 00000112 ___RH () C:\Users\John\Downloads\Stinger.opt 2014-11-27 10:07 - 2013-07-17 20:34 - 00000000 ____D () C:\Stinger_Quarantine 2014-11-27 10:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-11-27 09:49 - 2013-05-25 10:15 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2736297338-2421970953-1943868259-1001 2014-11-27 08:50 - 2013-11-20 19:40 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DC2320E-BD55-4A81-9C75-67447304AC13} 2014-11-27 08:50 - 2013-09-30 04:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-11-27 08:50 - 2013-07-09 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-11-27 08:49 - 2013-11-19 10:40 - 01068154 _____ () C:\WINDOWS\WindowsUpdate.log 2014-11-27 08:48 - 2013-07-08 10:56 - 00000000 __RSD () C:\Users\John\Documents\McAfee Vaults 2014-11-27 08:46 - 2014-05-09 18:14 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55.job 2014-11-27 08:46 - 2014-03-22 13:12 - 00000000 ___DO () C:\Users\John\SkyDrive 2014-11-27 08:45 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-11-27 02:42 - 2013-08-22 13:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI 2014-11-26 23:24 - 2014-06-28 06:38 - 00001300 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-11-26 18:08 - 2013-05-25 10:06 - 00000000 ____D () C:\WINDOWS\pss 2014-11-26 17:45 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-11-25 22:52 - 2014-06-02 08:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-11-25 22:39 - 2013-05-25 10:09 - 00000000 ____D () C:\Users\John\Documents\Bluetooth Folder 2014-11-25 22:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-11-25 21:42 - 2013-11-22 19:51 - 00001984 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-11-25 21:42 - 2013-07-09 08:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-11-25 20:02 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-11-25 20:00 - 2014-09-05 07:55 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype 2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\ProgramData\Skype 2014-11-25 19:56 - 2013-07-12 10:52 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-11-25 17:32 - 2014-01-03 22:36 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-25 16:11 - 2013-12-07 09:30 - 00000000 ____D () C:\ProgramData\ProductData 2014-11-25 02:14 - 2013-05-25 10:04 - 00000000 ____D () C:\Users\John\AppData\Local\Packages 2014-11-25 02:09 - 2014-09-27 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-25 01:50 - 2013-07-08 22:45 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-11-25 01:47 - 2013-05-25 10:05 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps 2014-11-25 01:44 - 2013-05-25 12:10 - 00000000 ____D () C:\Users\John\AppData\Roaming\WildTangent 2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\ProgramData\WildTangent 2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\Program Files (x86)\WildGames 2014-11-25 01:37 - 2013-07-12 10:58 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-11-25 01:33 - 2013-05-27 12:19 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-11-25 01:02 - 2013-11-19 10:17 - 00000000 ____D () C:\Users\John 2014-11-25 01:01 - 2014-02-10 17:31 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite 2014-11-25 00:59 - 2013-10-15 02:44 - 00000000 ____D () C:\Users\John\AppData\Roaming\vlc 2014-11-25 00:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing 2014-11-25 00:57 - 2014-08-05 06:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8 2014-11-25 00:57 - 2014-02-10 18:11 - 00000000 ____D () C:\ProgramData\Atheros 2014-11-25 00:57 - 2013-07-17 20:33 - 00000000 ____D () C:\Program Files (x86)\stinger 2014-11-25 00:57 - 2013-06-04 20:59 - 00000000 ____D () C:\ProgramData\IObit 2014-11-25 00:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration 2014-11-25 00:35 - 2013-12-07 09:30 - 00000000 ____D () C:\Users\John\AppData\Roaming\IObit 2014-11-25 00:31 - 2013-11-16 20:55 - 00000000 ____D () C:\Users\John\AppData\Local\Mozilla 2014-11-25 00:26 - 2013-06-04 20:59 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-11-24 22:47 - 2014-10-25 07:45 - 00000000 ____D () C:\Users\John\Documents\JK's Docs 2014-11-21 14:29 - 2014-09-01 20:52 - 00000000 ____D () C:\Users\John\Documents\Kevin Jenkins 2014-11-20 23:08 - 2014-07-28 16:40 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak38 2014-11-19 11:58 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated 2014-11-19 10:24 - 2014-10-25 07:46 - 00082432 ___SH () C:\Users\John\Documents\Thumbs.db 2014-11-18 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-11-18 09:26 - 2013-11-19 18:09 - 00000000 ___DC () C:\WINDOWS\Panther 2014-11-18 09:25 - 2013-06-02 18:52 - 00000000 ____D () C:\Users\John\Tracing 2014-11-17 12:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-11-17 09:01 - 2013-08-22 14:44 - 00503088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-11-15 13:26 - 2014-07-13 21:40 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-11-15 11:45 - 2014-10-21 16:42 - 00000000 ____D () C:\Users\John\Documents\CBA share valuations 2014-11-15 00:58 - 2013-06-11 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-14 12:31 - 2014-05-09 18:14 - 00003666 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55 2014-11-14 12:31 - 2013-05-25 10:38 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-09 21:14 - 2013-12-22 16:25 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-09 21:13 - 2014-10-25 09:30 - 00000000 ____D () C:\ProgramData\Adguard 2014-10-30 11:25 - 2013-08-17 18:34 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe Files to move or delete: ==================== C:\ProgramData\fontcacheev1.dat Some content of TEMP: ==================== C:\Users\John\AppData\Local\Temp\dllnt_dump.dll C:\Users\John\AppData\Local\Temp\Quarantine.exe C:\Users\John\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-27 09:49 ==================== End Of Log ============================ Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01 Ran by John (administrator) on JAYKAYSVAIO on 27-11-2014 10:56:33 Running from C:\Users\John\Downloads Loaded Profile: John (Available profiles: John) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe (Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe () C:\Program Files\Sony\VAIO Care\listener.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.) HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-01-21] (BlackBerry Limited) HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4484608 2014-01-22] (Research In Motion Limited) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®)) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1464336 2014-02-03] (Research In Motion) HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\MountPoints2: {3edd7706-c191-11e3-802b-b8763ff59eea} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\start.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.10.106\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://google.com/[/url] HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://sony13.msn.com[/url] HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [url]http://vaioportal.sony.eu[/url] HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [url]http://www.msn.com/en-gb/?ocid=iehp[/url] HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBEAFA000D109D001 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = [url]http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms[/url]} SearchScopes: HKU\.DEFAULT -> {D0E9F344-1BA1-41B9-90E3-70BBAB6F68A7} URL = [url]http://uk.search.yahoo.com/search?fr=mcafee&type=A011GB649&p={SearchTerms[/url]} SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> DefaultScope {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = [url]https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms[/url]} SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {20E89653-41B9-4CEA-96FF-3B7EF1ADC3B9} URL = [url]https://uk.search.yahoo.com/search?fr=mcafee&type=B011GB649D20140729&p={SearchTerms[/url]} SearchScopes: HKU\S-1-5-21-2736297338-2421970953-1943868259-1001 -> {4BA09C6D-3C77-9D14-BC01-149374DBEC04} URL = BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.10.106\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) FireFox: ======== FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default FF DefaultSearchEngine: Secure Search FF SearchEngineOrder.1: Secure Search FF SelectedSearchEngine: Secure Search FF Keyword.URL: [url]https://uk.search.yahoo.com/search?fr=mcafee&type=B111GB649D20140729&p[/url]= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml FF Extension: Advanced SystemCare Surfing Protection - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\[email]iobitascsurfingprotection@iobit.com[/email] [2014-11-18] FF Extension: Yahoo Community Smartbar - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{dd312948-01f6-4288-9a59-3368f4f55bdf} [2014-07-03] FF Extension: Adblock Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1ykx1zvx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-16] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-08] FF HKLM-x32\...\Thunderbird\Extensions: [[email]msktbird@mcafee.com[/email]] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-08] FF HKU\S-1-5-21-2736297338-2421970953-1943868259-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-10-27] FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found] Chrome: ======= CHR DefaultSearchKeyword: Default -> mcafee CHR DefaultSearchURL: Default -> [url]https://uk.search.yahoo.com/search?fr=mcafee&type=B211GB649D20140729&p={searchTerms[/url]} CHR DefaultSuggestURL: Default -> CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29] CHR Extension: (SiteAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-07-08] CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-25] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.) R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed] R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [156904 2014-11-13] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.10.106\McCHSvc.exe [289256 2014-11-04] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-07] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.) S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation) R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-01-22] (Apple Inc.) [File not signed] R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1309696 2014-01-22] (Research In Motion Limited) [File not signed] R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation) R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros) S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2014-08-26] (McAfee, Inc.) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.) R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-07] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited) R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-01-22] (Research in Motion Limited) R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-16] () R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated) R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation) S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-28] () S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [20992 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X] S0 mferkdet; \SystemRoot\system32\drivers\mferkdet.sys [X] S3 MFE_RR; \??\C:\Users\John\AppData\Local\Temp\mfe_rr.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-27 10:56 - 2014-11-27 10:56 - 00025960 _____ () C:\Users\John\Downloads\FRST.txt 2014-11-27 10:55 - 2014-11-27 10:56 - 00000000 ____D () C:\FRST 2014-11-27 10:55 - 2014-11-27 10:55 - 02117632 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe 2014-11-27 10:10 - 2014-11-27 10:11 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141127_101059.log 2014-11-27 10:10 - 2014-11-27 10:10 - 00783120 _____ (McAfee, Inc.) C:\Users\John\Downloads\rootkitremover.exe 2014-11-27 10:08 - 2014-11-27 10:09 - 00000855 _____ () C:\Users\John\Downloads\Stinger_27112014_100816.html 2014-11-27 10:04 - 2014-11-27 10:09 - 00000000 ____D () C:\Program Files\stinger 2014-11-27 10:04 - 2014-11-27 10:06 - 00000978 _____ () C:\Users\John\Downloads\Stinger_27112014_100425.html 2014-11-27 10:03 - 2014-11-27 10:03 - 12484464 _____ (McAfee Inc) C:\Users\John\Downloads\stinger64.exe 2014-11-26 23:21 - 2014-11-26 23:24 - 00000000 ____D () C:\AdwCleaner 2014-11-26 23:15 - 2014-11-26 23:19 - 00000755 _____ () C:\Users\John\Desktop\Start Emsisoft Emergency Kit.lnk 2014-11-26 23:14 - 2014-11-26 23:18 - 00000000 ____D () C:\EEK 2014-11-26 23:13 - 2014-11-26 23:14 - 159691800 _____ () C:\Users\John\Downloads\EmsisoftEmergencyKit.exe 2014-11-26 23:00 - 2014-11-26 23:11 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-11-26 22:59 - 2014-11-26 22:59 - 11222744 _____ (SurfRight B.V.) C:\Users\John\Downloads\HitmanPro_x64.exe 2014-11-26 22:58 - 2014-11-26 22:58 - 06045272 _____ () C:\Users\John\Downloads\RogueKiller_old.exe 2014-11-26 22:57 - 2014-11-26 22:57 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64 (1).exe 2014-11-26 22:07 - 2014-11-26 22:07 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys 2014-11-26 22:07 - 2014-11-26 22:07 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-11-26 22:06 - 2014-11-26 22:06 - 18310232 _____ () C:\Users\John\Downloads\RogueKillerX64.exe 2014-11-26 20:19 - 2014-11-26 23:25 - 00000698 _____ () C:\WINDOWS\PFRO.log 2014-11-26 19:53 - 2014-11-27 02:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-11-26 19:53 - 2014-11-26 20:53 - 00001134 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-11-26 19:53 - 2014-11-26 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-11-26 19:53 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-11-26 19:53 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-11-26 19:53 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-11-26 19:51 - 2014-11-26 19:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\DAD.exe 2014-11-26 19:21 - 2014-11-26 19:27 - 05514984 _____ () C:\Users\John\Desktop\Rkill.txt 2014-11-26 19:16 - 2014-11-26 19:16 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\John\Downloads\iExplore.exe 2014-11-26 13:00 - 2014-11-26 13:01 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\John\Downloads\tdsskiller.exe 2014-11-26 12:58 - 2014-11-26 12:58 - 00000077 ___RH () C:\Users\John\Downloads\GetSusp.opt 2014-11-26 12:54 - 2014-11-26 12:54 - 02191924 _____ () C:\Users\John\Downloads\gsusp_4B50C87A07AE_112614_125438.zip 2014-11-26 12:53 - 2014-11-26 12:54 - 00001160 _____ () C:\Users\John\Downloads\GetSusp.xml 2014-11-26 12:51 - 2014-11-26 12:51 - 01579552 _____ (McAfee Inc.) C:\Users\John\Downloads\getsusp.exe 2014-11-26 12:33 - 2014-11-26 12:33 - 04163057 _____ () C:\Users\John\Downloads\tdsskiller.zip 2014-11-26 10:54 - 2014-11-26 10:55 - 122877696 _____ (Microsoft Corporation) C:\Users\John\Downloads\msert (2).exe 2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-11-26 08:40 - 2014-11-26 08:40 - 00000000 _____ () C:\WINDOWS\setupact.log 2014-11-25 21:48 - 2014-11-25 21:48 - 03159112 _____ () C:\Users\John\Downloads\McAfee_TechCheck.exe 2014-11-25 21:42 - 2014-11-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-11-25 21:41 - 2014-11-25 21:41 - 08423856 _____ (McAfee, Inc.) C:\Users\John\Downloads\SecurityScan_Release (1).exe 2014-11-25 17:31 - 2014-11-25 17:31 - 00000000 ____D () C:\Program Files (x86)\Java 2014-11-25 08:31 - 2014-11-25 08:31 - 00063680 _____ () C:\Users\John\Downloads\ModifyCntxtId.exe 2014-11-25 02:09 - 2014-11-25 02:09 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-11-25 02:09 - 2014-11-25 02:09 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-11-25 02:09 - 2014-11-25 02:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-25 02:07 - 2014-11-25 02:07 - 00244120 _____ () C:\Users\John\Downloads\Firefox Setup Stub 33.1.1.exe 2014-11-25 01:17 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2014-11-25 01:17 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2014-11-25 01:17 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2014-11-25 01:17 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2014-11-24 22:21 - 2014-11-24 22:22 - 00000859 _____ () C:\Users\John\Downloads\Stinger_24112014_222121.html 2014-11-24 21:43 - 2014-11-25 21:49 - 00000000 ____D () C:\Users\John\AppData\Roaming\McAfee TechCheck 2014-11-24 11:28 - 2014-11-24 11:28 - 04909382 _____ () C:\Users\John\Downloads\mbam-chameleon-3.1.7.0.zip 2014-11-24 11:27 - 2014-11-25 01:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit 2014-11-24 11:27 - 2014-11-24 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit 2014-11-24 00:02 - 2014-11-24 00:02 - 00007605 _____ () C:\Users\John\AppData\Local\resmon.resmoncfg 2014-11-21 23:04 - 2014-11-22 03:53 - 00003164 _____ () C:\Users\John\Downloads\Stinger_21112014_230447.html 2014-11-21 23:03 - 2014-11-21 23:03 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_230318.html 2014-11-21 22:56 - 2014-11-21 22:56 - 00000859 _____ () C:\Users\John\Downloads\Stinger_21112014_225609.html 2014-11-21 22:45 - 2014-11-21 22:45 - 00000296 _____ () C:\Users\John\Downloads\RootkitRemover_20141121_224522.log 2014-11-21 00:43 - 2014-11-26 20:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-20 22:37 - 2014-11-20 22:37 - 90611712 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit 2014-11-20 22:37 - 2014-11-20 22:37 - 00319488 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit 2014-11-20 22:37 - 2014-11-20 22:37 - 00061440 _____ () C:\WINDOWS\system32\config\SAM.iobit 2014-11-20 22:37 - 2014-11-20 22:37 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit 2014-11-20 12:36 - 2014-11-20 12:40 - 00000863 _____ () C:\Users\John\Downloads\Stinger_20112014_123632.html 2014-11-19 10:21 - 2014-11-24 18:25 - 00000000 ____D () C:\Users\John\Documents\Security Scan Nov 19, 21, 22, 24 2014 2014-11-19 01:27 - 2014-11-19 05:04 - 00001516 _____ () C:\Users\John\Downloads\Stinger_19112014_012703.html 2014-11-18 09:18 - 2014-11-18 09:18 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} 2014-11-17 22:01 - 2014-11-18 09:18 - 00000000 ____D () C:\Users\John\Documents\Kindle Order Nov 2104 2014-11-17 09:31 - 2014-11-17 09:31 - 00000000 __SHD () C:\Users\John\AppData\Local\EmieBrowserModeList 2014-11-17 09:02 - 2014-11-20 20:51 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-11-17 09:02 - 2014-11-20 20:51 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-12 23:02 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2014-11-12 23:02 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2014-11-12 23:02 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-11-12 23:02 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-11-12 23:02 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll 2014-11-12 23:02 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2014-11-12 23:02 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2014-11-12 23:02 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-11-12 23:02 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-11-12 23:02 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll 2014-11-12 23:02 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-11-12 23:02 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-11-12 23:02 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-11-12 23:02 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2014-11-12 23:02 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2014-11-12 23:02 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2014-11-12 23:02 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2014-11-12 23:02 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2014-11-12 23:01 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-11-12 23:01 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-11-12 23:01 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2014-11-12 23:01 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2014-11-12 23:01 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll 2014-11-12 23:01 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-11-12 23:01 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-11-12 23:01 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-11-12 23:01 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-11-12 23:01 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-11-12 23:01 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-11-12 23:01 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-11-12 23:01 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-11-12 23:01 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-11-12 23:01 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-11-12 23:01 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-11-12 23:01 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-11-12 23:01 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-11-12 23:01 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2014-11-12 23:01 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-11-12 23:01 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-11-12 23:01 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-11-12 23:01 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2014-11-12 23:01 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2014-11-12 23:01 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-11-12 23:01 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-11-12 23:00 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-11-12 23:00 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2014-11-12 23:00 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-11-12 23:00 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-11-12 23:00 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-11-12 23:00 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2014-11-12 23:00 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2014-11-12 23:00 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2014-11-12 22:59 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe 2014-11-12 22:59 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe 2014-11-12 22:59 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe 2014-11-12 22:59 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll 2014-11-12 22:59 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe 2014-11-12 22:59 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-11-12 22:59 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll 2014-11-12 22:59 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-11-12 22:59 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-11-12 22:59 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-11-12 22:59 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-11-12 22:59 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-11-12 22:59 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-11-12 22:59 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-11-12 22:59 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll 2014-11-12 22:59 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2014-11-12 22:59 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2014-11-12 22:59 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-11-12 22:59 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-11-12 22:59 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-11-12 22:59 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-11-12 22:59 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-11-12 22:59 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll 2014-11-12 22:59 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-11-12 22:59 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-11-12 22:59 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll 2014-11-12 22:59 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2014-11-12 22:59 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2014-11-12 22:59 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-11-12 22:59 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-11-12 22:59 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll 2014-11-12 22:59 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-11-12 22:59 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-11-12 22:59 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll 2014-11-12 22:59 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-11-12 22:59 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-11-12 22:59 - 2014-10-31 04:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-11-12 22:59 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-11-12 22:59 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-11-12 22:59 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-11-12 22:59 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-11-12 22:59 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-11-12 22:59 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-11-12 22:59 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-11-12 22:59 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll 2014-11-12 22:59 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-11-12 22:59 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe 2014-11-12 22:59 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe 2014-11-12 22:59 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe 2014-11-12 22:59 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll 2014-11-12 22:59 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe 2014-11-12 22:59 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-11-12 22:59 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll 2014-11-12 22:59 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-11-12 22:59 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-11-12 22:59 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-11-12 22:59 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-11-12 22:59 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-11-12 22:59 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-11-12 22:59 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-11-12 22:59 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-11-12 22:59 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll 2014-11-12 22:59 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2014-11-12 22:59 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2014-11-12 22:59 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-11-12 22:59 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-11-12 22:59 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-11-12 22:59 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll 2014-11-12 22:59 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-11-12 22:59 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-12 22:59 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll 2014-11-12 22:59 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2014-11-12 22:59 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2014-11-12 22:59 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-11-12 22:59 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2014-11-12 22:59 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-11-12 22:59 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-11-12 22:59 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-11-12 22:59 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2014-11-12 22:59 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-11-12 22:59 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-11-12 22:59 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-11-12 22:59 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-11-12 22:59 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-11-12 22:59 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-11-12 22:59 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-11-12 22:59 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-11-12 22:59 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2014-11-12 22:59 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-11-12 22:59 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-11-12 22:59 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-11-12 22:58 - 2014-11-04 23:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-11-12 22:58 - 2014-11-04 00:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2014-11-12 22:58 - 2014-10-31 04:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2014-11-12 22:58 - 2014-10-31 04:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-11-12 22:58 - 2014-10-31 04:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-11-12 22:58 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-11-12 22:58 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-11-12 22:58 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2014-11-12 22:58 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2014-11-12 22:58 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2014-11-12 22:58 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2014-11-12 22:58 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2014-11-12 22:58 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2014-11-12 22:58 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-11-12 22:58 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2014-11-12 22:58 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-11-12 22:58 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2014-11-12 22:58 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-11-12 22:58 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2014-11-12 22:58 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-11-12 22:58 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-11-12 22:58 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-11-12 22:58 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-11-12 22:58 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-11-12 22:58 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-11-12 22:58 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-11-12 22:58 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2014-11-12 22:58 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2014-11-12 22:58 - 2014-08-31 00:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-11-12 22:58 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-11-12 22:58 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-11-12 22:58 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll 2014-11-12 22:58 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll 2014-11-12 22:58 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-11-12 22:58 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll 2014-11-12 22:58 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-11-12 22:58 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-11-12 22:58 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2014-11-12 22:58 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-11-12 22:58 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-11-12 22:58 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-11-12 22:58 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-11-12 22:58 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-11-12 22:58 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-11-12 22:58 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2014-11-12 22:58 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2014-11-09 03:26 - 2014-11-09 03:26 - 00001502 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Calculator.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-27 10:56 - 2013-07-12 10:52 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-11-27 10:36 - 2013-05-25 10:38 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-27 10:09 - 2013-07-17 22:04 - 00000112 ___RH () C:\Users\John\Downloads\Stinger.opt 2014-11-27 10:07 - 2013-07-17 20:34 - 00000000 ____D () C:\Stinger_Quarantine 2014-11-27 10:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-11-27 09:49 - 2013-05-25 10:15 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2736297338-2421970953-1943868259-1001 2014-11-27 08:50 - 2013-11-20 19:40 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DC2320E-BD55-4A81-9C75-67447304AC13} 2014-11-27 08:50 - 2013-09-30 04:04 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-11-27 08:50 - 2013-07-09 00:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-11-27 08:49 - 2013-11-19 10:40 - 01068154 _____ () C:\WINDOWS\WindowsUpdate.log 2014-11-27 08:48 - 2013-07-08 10:56 - 00000000 __RSD () C:\Users\John\Documents\McAfee Vaults 2014-11-27 08:46 - 2014-05-09 18:14 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55.job 2014-11-27 08:46 - 2014-03-22 13:12 - 00000000 ___DO () C:\Users\John\SkyDrive 2014-11-27 08:45 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-11-27 02:42 - 2013-08-22 13:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI 2014-11-26 23:24 - 2014-06-28 06:38 - 00001300 _____ () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-11-26 18:08 - 2013-05-25 10:06 - 00000000 ____D () C:\WINDOWS\pss 2014-11-26 17:45 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-11-25 22:52 - 2014-06-02 08:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-11-25 22:39 - 2013-05-25 10:09 - 00000000 ____D () C:\Users\John\Documents\Bluetooth Folder 2014-11-25 22:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-11-25 21:42 - 2013-11-22 19:51 - 00001984 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-11-25 21:42 - 2013-07-09 08:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-11-25 20:02 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-11-25 20:00 - 2014-09-05 07:55 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype 2014-11-25 20:00 - 2013-06-07 05:59 - 00000000 ____D () C:\ProgramData\Skype 2014-11-25 19:56 - 2013-07-12 10:52 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-11-25 17:32 - 2014-01-03 22:36 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-25 16:11 - 2013-12-07 09:30 - 00000000 ____D () C:\ProgramData\ProductData 2014-11-25 02:14 - 2013-05-25 10:04 - 00000000 ____D () C:\Users\John\AppData\Local\Packages 2014-11-25 02:09 - 2014-09-27 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-25 01:50 - 2013-07-08 22:45 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-11-25 01:47 - 2013-05-25 10:05 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps 2014-11-25 01:44 - 2013-05-25 12:10 - 00000000 ____D () C:\Users\John\AppData\Roaming\WildTangent 2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\ProgramData\WildTangent 2014-11-25 01:44 - 2013-05-15 03:33 - 00000000 ____D () C:\Program Files (x86)\WildGames 2014-11-25 01:37 - 2013-07-12 10:58 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-11-25 01:33 - 2013-05-27 12:19 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-11-25 01:02 - 2013-11-19 10:17 - 00000000 ____D () C:\Users\John 2014-11-25 01:01 - 2014-02-10 17:31 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite 2014-11-25 00:59 - 2013-10-15 02:44 - 00000000 ____D () C:\Users\John\AppData\Roaming\vlc 2014-11-25 00:59 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2014-11-25 00:59 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing 2014-11-25 00:57 - 2014-08-05 06:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8 2014-11-25 00:57 - 2014-02-10 18:11 - 00000000 ____D () C:\ProgramData\Atheros 2014-11-25 00:57 - 2013-07-17 20:33 - 00000000 ____D () C:\Program Files (x86)\stinger 2014-11-25 00:57 - 2013-06-04 20:59 - 00000000 ____D () C:\ProgramData\IObit 2014-11-25 00:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration 2014-11-25 00:35 - 2013-12-07 09:30 - 00000000 ____D () C:\Users\John\AppData\Roaming\IObit 2014-11-25 00:31 - 2013-11-16 20:55 - 00000000 ____D () C:\Users\John\AppData\Local\Mozilla 2014-11-25 00:26 - 2013-06-04 20:59 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-11-24 22:47 - 2014-10-25 07:45 - 00000000 ____D () C:\Users\John\Documents\JK's Docs 2014-11-21 14:29 - 2014-09-01 20:52 - 00000000 ____D () C:\Users\John\Documents\Kevin Jenkins 2014-11-20 23:08 - 2014-07-28 16:40 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak38 2014-11-19 11:58 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated 2014-11-19 10:24 - 2014-10-25 07:46 - 00082432 ___SH () C:\Users\John\Documents\Thumbs.db 2014-11-18 21:44 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-11-18 09:26 - 2013-11-19 18:09 - 00000000 ___DC () C:\WINDOWS\Panther 2014-11-18 09:25 - 2013-06-02 18:52 - 00000000 ____D () C:\Users\John\Tracing 2014-11-17 12:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-11-17 09:01 - 2013-08-22 14:44 - 00503088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-11-15 13:26 - 2014-07-13 21:40 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-15 13:26 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-11-15 13:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-11-15 11:45 - 2014-10-21 16:42 - 00000000 ____D () C:\Users\John\Documents\CBA share valuations 2014-11-15 00:58 - 2013-06-11 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-14 12:31 - 2014-05-09 18:14 - 00003666 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cf6bb2827e1a55 2014-11-14 12:31 - 2013-05-25 10:38 - 00003902 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-09 21:14 - 2013-12-22 16:25 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-09 21:13 - 2014-10-25 09:30 - 00000000 ____D () C:\ProgramData\Adguard 2014-10-30 11:25 - 2013-08-17 18:34 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe Files to move or delete: ==================== C:\ProgramData\fontcacheev1.dat Some content of TEMP: ==================== C:\Users\John\AppData\Local\Temp\dllnt_dump.dll C:\Users\John\AppData\Local\Temp\Quarantine.exe C:\Users\John\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-27 09:49 ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top