Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Zeroaccess!cfg unrepairable
Message
<blockquote data-quote="lshendee" data-source="post: 134886" data-attributes="member: 12507"><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013</p><p>Ran by Lynne (administrator) on LYNNEHENDEE on 09-09-2013 06:32:11</p><p>Running from E:\</p><p>Windows 8 (X64) OS Language: English(US)</p><p>Internet Explorer Version 10</p><p>Boot Mode: Normal</p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe</p><p>() C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe</p><p>(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe</p><p>() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe</p><p>(Microsoft Corporation) C:\Windows\system32\dashost.exe</p><p>(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe</p><p>(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe</p><p>(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe</p><p>(McAfee, Inc.) C:\Windows\system32\mfevtps.exe</p><p>() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe</p><p>(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe</p><p>(Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe</p><p>(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe</p><p>(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe</p><p>(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe</p><p>(sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe</p><p>(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe</p><p>(McAfee, Inc.) C:\PROGRA~1\McAfee\MSC\McAPExe.exe</p><p>(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>() C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Roxio Burn\RoxioBurnLauncher.exe</p><p>(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>(Microsoft Corporation) C:\Windows\system32\prevhost.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe</p><p>(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE</p><p>(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe</p><p>(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE</p><p>(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe</p><p>(McAfee, Inc.) c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe</p><p>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe</p><p>(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16613_none_6273bd8950d6cae2\TiWorker.exe</p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()</p><p>HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)</p><p>HKLM\...\Policies\Explorer: [NoActiveDesktop] 1</p><p>HKLM\...\Policies\Explorer: [NoControlPanel] 0</p><p>HKCU\...\Run: [MyTomTomSA.exe] - C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [451656 2013-01-07] (TomTom)</p><p>HKCU\...\Run: [GoogleChromeAutoLaunch_6A12F0BBFE608579AB07135F9DFD76FE] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [829392 2013-09-02] (Google Inc.)</p><p>MountPoints2: {67ec6cba-6534-11e2-be78-7845c4380f68} - "H:\MI.exe" </p><p>HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)</p><p>HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)</p><p>HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)</p><p>HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)</p><p>HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)</p><p>HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)</p><p>HKLM-x32\...\Run: [Sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)</p><p>HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)</p><p>HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)</p><p>HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)</p><p>HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)</p><p>HKLM-x32\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)</p><p>HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Common\RoxWatchTray14.exe [294032 2012-11-29] (Corel Corporation)</p><p>HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)</p><p>HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-05-15] (LogMeIn Inc.)</p><p>HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)</p><p>HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [454600 2013-02-28] (McAfee, Inc.)</p><p>HKU\Mackinaw\...\Run: [MyTomTomSA.exe] - C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [451656 2013-01-07] (TomTom)</p><p>IMEO\sidebar.exe: [Debugger] C:\Program Files (x86)\Windows Sidebar\8GadgetPack.exe -run</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk</p><p>ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com</p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/</p><p>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp</p><p>SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}</p><p>SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}</p><p>SearchScopes: HKLM - {7E492935-6215-4766-95F8-83CA18516A2B} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS</p><p>SearchScopes: HKLM-x32 - {7E492935-6215-4766-95F8-83CA18516A2B} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS</p><p>SearchScopes: HKCU - {7E492935-6215-4766-95F8-83CA18516A2B} URL = </p><p>SearchScopes: HKCU - {FA533155-F2FE-4486-842E-089EA28D3653} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}</p><p>BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)</p><p>BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)</p><p>BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)</p><p>BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)</p><p>BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)</p><p>BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)</p><p>BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)</p><p>BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)</p><p>BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)</p><p>Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)</p><p>Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)</p><p>Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab</p><p>DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab</p><p>Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)</p><p>Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)</p><p>Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)</p><p></p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\Lynne\AppData\Roaming\Mozilla\Firefox\Profiles\r4q34n7i.default</p><p>FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll ()</p><p>FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)</p><p>FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)</p><p>FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()</p><p>FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()</p><p>FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)</p><p>FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()</p><p>FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)</p><p>FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)</p><p>FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)</p><p>FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()</p><p>FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)</p><p>FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)</p><p>FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Lynne\AppData\Local\Roblox\Versions\version-759151294bb84441\\NPRobloxProxy.dll ( ROBLOX Corporation)</p><p>FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\jmwgabsbmtxairm@wzcttjml.com</p><p>FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files (x86)\McAfee\SiteAdvisor</p><p>FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor</p><p>FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK</p><p>FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK</p><p></p><p>Chrome: </p><p>=======</p><p>CHR DefaultSearchURL: (Ask) - http://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=41C38969-F144-4076-AF1F-68B126EDBA2C&apn_ptnrs=TV&apn_sauid=834568E3-43CA-425C-AEED-70BB0522D6BF&apn_dtid=OSJ000YYUS&q={searchTerms}</p><p>CHR DefaultSuggestURL: (Ask) - http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}</p><p>CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()</p><p>CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer</p><p>CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()</p><p>CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()</p><p>CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)</p><p>CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)</p><p>CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)</p><p>CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)</p><p>CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)</p><p>CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)</p><p>CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)</p><p>CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)</p><p>CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)</p><p>CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)</p><p>CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)</p><p>CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File</p><p>CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)</p><p>CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)</p><p>CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)</p><p>CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()</p><p>CHR Plugin: (Roblox Launcher Plugin) - C:\Users\Lynne\AppData\Local\Roblox\Versions\version-9ae7cc04e47a4b12\\NPRobloxProxy.dll No File</p><p>CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()</p><p>CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)</p><p>CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()</p><p>CHR Extension: (Google Docs) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0</p><p>CHR Extension: (Google Drive) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0</p><p>CHR Extension: (YouTube) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0</p><p>CHR Extension: (Google Search) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0</p><p>CHR Extension: (SiteAdvisor) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1241_0</p><p>CHR Extension: (Chrome In-App Payments service) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0</p><p>CHR Extension: (Gmail) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0</p><p>CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] ()</p><p>R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)</p><p>R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)</p><p>R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] ()</p><p>R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-23] (IvoSoft)</p><p>R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)</p><p>R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)</p><p>R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)</p><p>R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)</p><p>R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)</p><p>S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [388680 2013-08-23] (McAfee, Inc.)</p><p>R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)</p><p>R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)</p><p>R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-02-28] (McAfee, Inc.)</p><p>R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-04-03] (McAfee, Inc.)</p><p>R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-04-03] (McAfee, Inc.)</p><p>R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)</p><p>R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()</p><p>R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Roxio Burn\RoxioBurnLauncher.exe [535184 2012-07-05] ()</p><p>S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Common\RoxMediaDB14.exe [1096848 2012-11-29] (Corel Corporation)</p><p>S2 RoxWatch14; C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Common\RoxWatch14.exe [341136 2012-11-29] (Corel Corporation)</p><p>R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)</p><p>R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-11-26] (SoftThinks SAS)</p><p>R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori)</p><p>S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)</p><p>R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros)</p><p>S2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [x]</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-04-03] (McAfee, Inc.)</p><p>R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)</p><p>S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)</p><p>S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)</p><p>R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-04-03] (McAfee, Inc.)</p><p>R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309968 2013-04-03] (McAfee, Inc.)</p><p>S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69240 2013-04-03] (McAfee, Inc.)</p><p>R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [516608 2013-04-03] (McAfee, Inc.)</p><p>R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [772944 2013-04-03] (McAfee, Inc.)</p><p>R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [337120 2013-02-18] (McAfee, Inc.)</p><p>S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95856 2013-02-18] (McAfee, Inc.)</p><p>S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)</p><p>R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [342416 2013-04-03] (McAfee, Inc.)</p><p>R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)</p><p>R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation)</p><p>R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation)</p><p>R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation)</p><p>S3 ArcCD; No ImagePath</p><p>U1 ArcRec; No ImagePath</p><p>S4 ArcUdfs; No ImagePath</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>2013-09-09 06:22 - 2013-09-09 06:22 - 01948948 _____ (Farbar) C:\Users\Lynne\Downloads\FRST64.exe</p><p>2013-09-09 06:08 - 2013-09-09 06:16 - 00000000 ____D C:\AdwCleaner</p><p>2013-09-08 15:34 - 2013-09-08 15:34 - 00000000 ____D C:\Users\Lynne\Desktop\Computer Issues</p><p>2013-09-07 19:45 - 2013-09-09 06:24 - 00001846 _____ C:\Users\Public\Desktop\McAfee Security Center.lnk</p><p>2013-09-07 19:44 - 2013-09-08 09:18 - 00000000 ____D C:\Program Files (x86)\McAfee</p><p>2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files\McAfee.com</p><p>2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files\McAfee</p><p>2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files (x86)\McAfee.com</p><p>2013-09-07 19:44 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys</p><p>2013-09-07 19:38 - 2013-04-03 13:34 - 00182752 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe</p><p>2013-09-07 19:33 - 2013-09-07 19:33 - 05102984 _____ (McAfee, Inc.) C:\Users\Lynne\Downloads\McAfeeSetup.exe</p><p>2013-09-07 19:26 - 2013-09-07 19:26 - 46812214 _____ (InstallShield Software Corporation) C:\Users\Mackinaw\Downloads\VSE88P3.exe</p><p>2013-09-07 17:37 - 2013-09-07 17:37 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Malwarebytes</p><p>2013-09-07 17:37 - 2013-09-07 17:37 - 00000000 ____D C:\ProgramData\Malwarebytes</p><p>2013-09-07 15:57 - 2013-09-07 15:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lynne\Downloads\mbam-setup-1.75.0.1300.exe</p><p>2013-09-07 15:41 - 2013-09-08 10:15 - 00000000 ____D C:\Users\Lynne\Desktop\RK_Quarantine</p><p>2013-09-07 13:28 - 2013-09-07 14:29 - 00000646 _____ C:\Users\Lynne\Downloads\Stinger_07092013_132803.html</p><p>2013-09-07 13:25 - 2013-09-07 13:25 - 00000000 ____D C:\Windows\pss</p><p>2013-09-07 11:55 - 2013-09-07 11:55 - 00000000 _____ C:\Users\Lynne\Downloads\Stinger_07092013_115540.html</p><p>2013-09-07 10:05 - 2013-09-07 10:05 - 00060014 _____ C:\Users\Lynne\Downloads\Extras.Txt</p><p>2013-09-07 10:04 - 2013-09-07 10:04 - 00113400 _____ C:\Users\Lynne\Downloads\OTL.Txt</p><p>2013-09-07 09:56 - 2013-09-09 06:21 - 00000000 ____D C:\Users\Lynne\Desktop\0 ACCESSSSS</p><p>2013-09-07 09:32 - 2013-09-07 09:33 - 00000274 _____ C:\Users\Lynne\Downloads\RootkitRemover20130907093205.txt</p><p>2013-09-07 09:26 - 2013-09-07 09:27 - 00001015 _____ C:\Users\Lynne\Downloads\Stinger_07092013_092623.html</p><p>2013-09-07 09:26 - 2013-09-07 09:26 - 00000000 ____D C:\Quarantine</p><p>2013-09-07 09:25 - 2013-09-07 17:36 - 00000000 ____D C:\Program Files\stinger</p><p>2013-09-07 09:25 - 2013-09-07 09:26 - 00498508 _____ C:\Users\Lynne\Downloads\runtime.dat</p><p>2013-09-07 09:25 - 2013-09-07 09:26 - 00000114 ___RH C:\Users\Lynne\Downloads\Stinger.opt</p><p>2013-09-07 09:09 - 2013-09-07 09:09 - 03856847 _____ C:\Users\Lynne\Downloads\epo5600eng.zip</p><p>2013-09-07 09:01 - 2013-09-07 09:23 - 00007605 _____ C:\Users\Lynne\AppData\Local\resmon.resmoncfg</p><p>2013-09-07 07:15 - 2013-09-07 07:17 - 00000274 _____ C:\Users\Lynne\Downloads\RootkitRemover20130907071555.txt</p><p>2013-09-07 07:15 - 2013-09-07 07:15 - 00551408 _____ (McAfee, Inc.) C:\Users\Lynne\Downloads\rootkitremover.exe</p><p>2013-09-06 20:50 - 2013-09-06 20:50 - 00000000 ____D C:\ProgramData\softthinks</p><p>2013-09-06 19:46 - 2013-09-06 20:50 - 00000000 ____D C:\Users\Lynne\Documents\Profile1</p><p>2013-09-05 17:09 - 2013-09-05 17:11 - 00001177 _____ C:\Users\Mackinaw\Desktop\ROBLOX Studio 2013.lnk</p><p>2013-09-05 17:09 - 2013-09-05 17:09 - 00543088 _____ (ROBLOX Corporation) C:\Users\Mackinaw\Downloads\RobloxPlayerLauncher.exe</p><p>2013-09-05 17:09 - 2013-09-05 17:09 - 00000000 ____D C:\Users\Mackinaw\AppData\Local\Roblox</p><p>2013-09-05 17:05 - 2013-09-05 17:05 - 00000000 ____D C:\ProgramData\nbaby</p><p>2013-08-30 08:51 - 2013-08-30 08:51 - 00000000 ____D C:\Users\Public\Juniper Networks</p><p>2013-08-30 08:51 - 2013-05-23 18:29 - 00594024 _____ (Juniper Networks) C:\Windows\system32\dsNcSmartCardProv.dll</p><p>2013-08-30 08:51 - 2013-05-23 18:29 - 00423528 _____ (Juniper Networks) C:\Windows\system32\dsNcCredProv.dll</p><p>2013-08-30 08:50 - 2013-08-30 08:51 - 00000000 ____D C:\Program Files (x86)\Juniper Networks</p><p>2013-08-30 08:49 - 2013-08-30 08:49 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (3).exe</p><p>2013-08-30 08:48 - 2013-08-30 09:02 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Juniper Networks</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (2).exe</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00000000 ____D C:\Users\Lynne\AppData\Local\Juniper Networks</p><p>2013-08-30 08:46 - 2013-08-30 08:47 - 00903080 _____ (Oracle Corporation) C:\Users\Lynne\Downloads\chromeinstall-7u25.exe</p><p>2013-08-30 08:46 - 2013-08-30 08:46 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller.exe</p><p>2013-08-30 08:46 - 2013-08-30 08:46 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (1).exe</p><p>2013-08-29 15:57 - 2013-08-29 16:41 - 00000000 ____D C:\Users\Mackinaw\AppData\Roaming\.minecraft</p><p>2013-08-29 15:57 - 2013-08-29 15:57 - 00675988 _____ C:\Users\Mackinaw\Downloads\Minecraft.exe</p><p>2013-08-14 11:37 - 2013-08-14 11:39 - 00000000 ____D C:\Windows\system32\MRT</p><p>2013-08-14 09:16 - 2013-07-09 02:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys</p><p>2013-08-14 09:16 - 2013-05-23 19:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll</p><p>2013-08-14 09:16 - 2013-05-23 18:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2013-08-14 09:15 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2013-08-14 09:15 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2013-08-14 09:15 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2013-08-14 09:15 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2013-08-14 09:15 - 2013-07-25 20:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll</p><p>2013-08-14 09:15 - 2013-07-13 02:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll</p><p>2013-08-14 09:15 - 2013-07-13 02:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll</p><p>2013-08-14 09:15 - 2013-07-13 02:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll</p><p>2013-08-14 09:15 - 2013-07-13 02:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll</p><p>2013-08-14 09:15 - 2013-07-13 02:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll</p><p>2013-08-14 09:15 - 2013-07-13 00:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll</p><p>2013-08-14 09:15 - 2013-07-13 00:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll</p><p>2013-08-14 09:15 - 2013-07-13 00:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll</p><p>2013-08-14 09:15 - 2013-07-13 00:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll</p><p>2013-08-14 09:15 - 2013-07-01 20:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys</p><p>2013-08-14 09:15 - 2013-07-01 18:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>2013-09-09 06:31 - 2012-12-09 15:27 - 01928767 _____ C:\Windows\WindowsUpdate.log</p><p>2013-09-09 06:31 - 2012-07-26 03:28 - 00849856 _____ C:\Windows\system32\PerfStringBackup.INI</p><p>2013-09-09 06:30 - 2012-07-26 03:21 - 00028342 _____ C:\Windows\setupact.log</p><p>2013-09-09 06:28 - 2013-09-09 06:28 - 00000000 ____D C:\FRST</p><p>2013-09-09 06:26 - 2012-11-01 12:56 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery</p><p>2013-09-09 06:24 - 2013-09-07 19:45 - 00001846 _____ C:\Users\Public\Desktop\McAfee Security Center.lnk</p><p>2013-09-09 06:24 - 2012-12-09 15:36 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1091386282-3387701449-470047853-1001</p><p>2013-09-09 06:22 - 2013-09-09 06:22 - 01948948 _____ (Farbar) C:\Users\Lynne\Downloads\FRST64.exe</p><p>2013-09-09 06:21 - 2013-09-07 09:56 - 00000000 ____D C:\Users\Lynne\Desktop\0 ACCESSSSS</p><p>2013-09-09 06:18 - 2013-03-11 11:43 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2013-09-09 06:18 - 2012-12-26 13:57 - 00000348 _____ C:\Windows\Tasks\GlaryInitialize.job</p><p>2013-09-09 06:18 - 2012-07-26 03:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT</p><p>2013-09-09 06:16 - 2013-09-09 06:08 - 00000000 ____D C:\AdwCleaner</p><p>2013-09-09 06:03 - 2013-03-11 11:43 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2013-09-09 06:00 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\system32\sru</p><p>2013-09-08 16:45 - 2013-01-29 20:18 - 00000000 ____D C:\Users\Lynne\AppData\Local\LogMeIn Hamachi</p><p>2013-09-08 15:58 - 2012-12-16 16:24 - 00000000 ____D C:\ProgramData\CanonIJPLM</p><p>2013-09-08 15:43 - 2012-03-31 11:34 - 00000000 ____D C:\Users\Lynne\Desktop\K E N N E T H</p><p>2013-09-08 15:34 - 2013-09-08 15:34 - 00000000 ____D C:\Users\Lynne\Desktop\Computer Issues</p><p>2013-09-08 15:26 - 2012-11-01 12:53 - 00000000 ____D C:\ProgramData\McAfee</p><p>2013-09-08 10:15 - 2013-09-07 15:41 - 00000000 ____D C:\Users\Lynne\Desktop\RK_Quarantine</p><p>2013-09-08 09:18 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files (x86)\McAfee</p><p>2013-09-08 09:17 - 2012-12-31 10:57 - 00000000 ____D C:\Windows\Minidump</p><p>2013-09-08 09:17 - 2012-11-01 14:39 - 00107636 _____ C:\Windows\PFRO.log</p><p>2013-09-08 08:31 - 2012-07-26 01:26 - 00262144 ___SH C:\Windows\system32\config\ELAM</p><p>2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files\McAfee.com</p><p>2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files\McAfee</p><p>2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files (x86)\McAfee.com</p><p>2013-09-07 19:44 - 2012-11-01 12:53 - 00000000 ____D C:\Program Files\Common Files\mcafee</p><p>2013-09-07 19:44 - 2012-07-26 04:12 - 00000000 ___HD C:\Windows\ELAMBKUP</p><p>2013-09-07 19:33 - 2013-09-07 19:33 - 05102984 _____ (McAfee, Inc.) C:\Users\Lynne\Downloads\McAfeeSetup.exe</p><p>2013-09-07 19:26 - 2013-09-07 19:26 - 46812214 _____ (InstallShield Software Corporation) C:\Users\Mackinaw\Downloads\VSE88P3.exe</p><p>2013-09-07 19:16 - 2013-04-26 08:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox</p><p>2013-09-07 18:56 - 2010-08-20 20:28 - 00000000 ____D C:\Users\Lynne\Desktop\L Y N N E</p><p>2013-09-07 17:37 - 2013-09-07 17:37 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Malwarebytes</p><p>2013-09-07 17:37 - 2013-09-07 17:37 - 00000000 ____D C:\ProgramData\Malwarebytes</p><p>2013-09-07 17:36 - 2013-09-07 09:25 - 00000000 ____D C:\Program Files\stinger</p><p>2013-09-07 15:57 - 2013-09-07 15:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lynne\Downloads\mbam-setup-1.75.0.1300.exe</p><p>2013-09-07 14:29 - 2013-09-07 13:28 - 00000646 _____ C:\Users\Lynne\Downloads\Stinger_07092013_132803.html</p><p>2013-09-07 13:25 - 2013-09-07 13:25 - 00000000 ____D C:\Windows\pss</p><p>2013-09-07 11:55 - 2013-09-07 11:55 - 00000000 _____ C:\Users\Lynne\Downloads\Stinger_07092013_115540.html</p><p>2013-09-07 10:05 - 2013-09-07 10:05 - 00060014 _____ C:\Users\Lynne\Downloads\Extras.Txt</p><p>2013-09-07 10:04 - 2013-09-07 10:04 - 00113400 _____ C:\Users\Lynne\Downloads\OTL.Txt</p><p>2013-09-07 09:33 - 2013-09-07 09:32 - 00000274 _____ C:\Users\Lynne\Downloads\RootkitRemover20130907093205.txt</p><p>2013-09-07 09:27 - 2013-09-07 09:26 - 00001015 _____ C:\Users\Lynne\Downloads\Stinger_07092013_092623.html</p><p>2013-09-07 09:26 - 2013-09-07 09:26 - 00000000 ____D C:\Quarantine</p><p>2013-09-07 09:26 - 2013-09-07 09:25 - 00498508 _____ C:\Users\Lynne\Downloads\runtime.dat</p><p>2013-09-07 09:26 - 2013-09-07 09:25 - 00000114 ___RH C:\Users\Lynne\Downloads\Stinger.opt</p><p>2013-09-07 09:23 - 2013-09-07 09:01 - 00007605 _____ C:\Users\Lynne\AppData\Local\resmon.resmoncfg</p><p>2013-09-07 09:09 - 2013-09-07 09:09 - 03856847 _____ C:\Users\Lynne\Downloads\epo5600eng.zip</p><p>2013-09-07 07:17 - 2013-09-07 07:15 - 00000274 _____ C:\Users\Lynne\Downloads\RootkitRemover20130907071555.txt</p><p>2013-09-07 07:15 - 2013-09-07 07:15 - 00551408 _____ (McAfee, Inc.) C:\Users\Lynne\Downloads\rootkitremover.exe</p><p>2013-09-06 20:50 - 2013-09-06 20:50 - 00000000 ____D C:\ProgramData\softthinks</p><p>2013-09-06 20:50 - 2013-09-06 19:46 - 00000000 ____D C:\Users\Lynne\Documents\Profile1</p><p>2013-09-06 20:50 - 2012-11-01 16:14 - 00000000 __SHD C:\System Recovery</p><p>2013-09-06 19:43 - 2012-12-09 16:18 - 00000000 ____D C:\Users\Lynne\AppData\Local\softthinks</p><p>2013-09-06 07:10 - 2012-12-09 18:52 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\.minecraft</p><p>2013-09-05 21:00 - 2012-07-26 01:26 - 00262144 ___SH C:\Windows\system32\config\BBI</p><p>2013-09-05 17:17 - 2012-12-11 21:18 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox</p><p>2013-09-05 17:16 - 2013-06-09 17:00 - 00001174 _____ C:\Users\Lynne\Desktop\ROBLOX Studio 2013.lnk</p><p>2013-09-05 17:11 - 2013-09-05 17:09 - 00001177 _____ C:\Users\Mackinaw\Desktop\ROBLOX Studio 2013.lnk</p><p>2013-09-05 17:09 - 2013-09-05 17:09 - 00543088 _____ (ROBLOX Corporation) C:\Users\Mackinaw\Downloads\RobloxPlayerLauncher.exe</p><p>2013-09-05 17:09 - 2013-09-05 17:09 - 00000000 ____D C:\Users\Mackinaw\AppData\Local\Roblox</p><p>2013-09-05 17:08 - 2013-04-14 20:13 - 00000000 ____D C:\Users\Mackinaw\AppData\Local\LogMeIn Hamachi</p><p>2013-09-05 17:05 - 2013-09-05 17:05 - 00000000 ____D C:\ProgramData\nbaby</p><p>2013-09-05 17:03 - 2012-12-22 20:40 - 00000000 ____D C:\ProgramData\Sendori</p><p>2013-09-05 07:19 - 2010-10-04 12:59 - 04594688 ___SH C:\Users\Lynne\Desktop\Thumbs.db</p><p>2013-09-05 06:34 - 2012-12-09 15:43 - 00000000 ____D C:\Program Files (x86)\Google</p><p>2013-08-31 12:21 - 2012-12-17 07:21 - 00000000 ____D C:\Users\Lynne\AppData\Local\Windows Live</p><p>2013-08-30 09:02 - 2013-08-30 08:48 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Juniper Networks</p><p>2013-08-30 08:51 - 2013-08-30 08:51 - 00000000 ____D C:\Users\Public\Juniper Networks</p><p>2013-08-30 08:51 - 2013-08-30 08:50 - 00000000 ____D C:\Program Files (x86)\Juniper Networks</p><p>2013-08-30 08:49 - 2013-08-30 08:49 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (3).exe</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (2).exe</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll</p><p>2013-08-30 08:48 - 2013-08-30 08:48 - 00000000 ____D C:\Users\Lynne\AppData\Local\Juniper Networks</p><p>2013-08-30 08:48 - 2012-12-09 18:52 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll</p><p>2013-08-30 08:48 - 2012-12-09 18:52 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll</p><p>2013-08-30 08:47 - 2013-08-30 08:46 - 00903080 _____ (Oracle Corporation) C:\Users\Lynne\Downloads\chromeinstall-7u25.exe</p><p>2013-08-30 08:46 - 2013-08-30 08:46 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller.exe</p><p>2013-08-30 08:46 - 2013-08-30 08:46 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (1).exe</p><p>2013-08-30 04:18 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\AUInstallAgent</p><p>2013-08-29 18:11 - 2012-12-21 07:54 - 00000000 ____D C:\ProgramData\Microsoft Help</p><p>2013-08-29 16:41 - 2013-08-29 15:57 - 00000000 ____D C:\Users\Mackinaw\AppData\Roaming\.minecraft</p><p>2013-08-29 16:01 - 2013-04-18 20:17 - 00000000 ____D C:\Users\Mackinaw\AppData\Local\Clipboarder</p><p>2013-08-29 15:57 - 2013-08-29 15:57 - 00675988 _____ C:\Users\Mackinaw\Downloads\Minecraft.exe</p><p>2013-08-19 17:46 - 2010-11-21 18:51 - 00000000 ____D C:\Users\Lynne\Desktop\M A C</p><p>2013-08-15 10:20 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\rescache</p><p>2013-08-15 07:20 - 2012-07-26 04:12 - 00000000 ____D C:\Program Files\Windows Defender</p><p>2013-08-15 07:20 - 2012-07-26 04:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender</p><p>2013-08-14 11:39 - 2013-08-14 11:37 - 00000000 ____D C:\Windows\system32\MRT</p><p>2013-08-14 11:37 - 2012-12-13 04:05 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe</p><p></p><p>Files to move or delete:</p><p>====================</p><p>C:\Users\Lynne\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe</p><p>C:\Users\Lynne\AppData\Local\Temp\Quarantine.exe</p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>C:\Windows\System32\winlogon.exe => MD5 is legit</p><p>C:\Windows\System32\wininit.exe => MD5 is legit</p><p>C:\Windows\explorer.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\explorer.exe => MD5 is legit</p><p>C:\Windows\System32\svchost.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\svchost.exe => MD5 is legit</p><p>C:\Windows\System32\services.exe => MD5 is legit</p><p>C:\Windows\System32\User32.dll => MD5 is legit</p><p>C:\Windows\SysWOW64\User32.dll => MD5 is legit</p><p>C:\Windows\System32\userinit.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\userinit.exe => MD5 is legit</p><p>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit</p><p></p><p></p><p>LastRegBack: 2013-09-09 03:01</p><p></p><p>==================== End Of Log ============================</p><p></p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013</p><p>Ran by Lynne at 2013-09-09 06:32:56</p><p>Running from E:\</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Installed Programs =======================</p><p></p><p> </p><p>8GadgetPack (x32 Version: 4.1.0)</p><p>Adobe Flash Player 11 Plugin (x32 Version: 11.5.502.146)</p><p>Adobe Photoshop Elements 2.0 (x32 Version: 2.0)</p><p>Adobe Reader XI (11.0.01) (x32 Version: 11.0.01)</p><p>Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)</p><p>Amazon Browser App (x32 Version: 1.0.0.0)</p><p>Any Video Converter 5.0.5 (x32)</p><p>Apple Application Support (x32 Version: 2.3.3)</p><p>Apple Mobile Device Support (Version: 6.1.0.13)</p><p>Apple Software Update (x32 Version: 2.1.3.127)</p><p>Bonjour (Version: 3.0.0.10)</p><p>Canon Easy-PhotoPrint EX (x32)</p><p>Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data (x32)</p><p>Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data (x32)</p><p>Canon Easy-PhotoPrint Pro (x32)</p><p>Canon MG8100 series MP Drivers</p><p>Canon MP Navigator EX 4.0 (x32)</p><p>Canon My Printer (x32)</p><p>Canon Solution Menu EX (x32)</p><p>Classic Shell (Version: 3.6.4)</p><p>CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a)</p><p>CyberLink Media Suite 10 (x32 Version: 10.0.1.1913)</p><p>CyberLink Media Suite Essentials (x32 Version: 10.0)</p><p>CyberLink Power2Go 8 (x32 Version: 8.0.0.1904)</p><p>CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904)</p><p>CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52)</p><p>D3DX10 (x32 Version: 15.4.2368.0902)</p><p>Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)</p><p>Dell Backup and Recovery - Support Software (x32 Version: 1.0.0.5)</p><p>Dell Backup and Recovery (x32 Version: 1.0.0.5)</p><p>Dell Digital Delivery (x32 Version: 2.2.4000.0)</p><p>Dell Wireless Driver Installation (x32 Version: 10.0)</p><p>DirectX 9 Runtime (x32 Version: 1.00.0000)</p><p>Easy CD & DVD Burning Content (x32 Version: 14.0.030)</p><p>exant SmartAudio HD (Version: 8.50.12.0)</p><p>GIMP 2.8.4 (Version: 2.8.4)</p><p>Glary Utilities 2.51.0.1666 (x32 Version: 2.51.0.1666)</p><p>Google Chrome (x32 Version: 29.0.1547.66)</p><p>Google Update Helper (x32 Version: 1.3.21.153)</p><p>Intel(R) Control Center (x32 Version: 1.2.1.1008)</p><p>Intel(R) Management Engine Components (x32 Version: 8.1.0.1281)</p><p>Intel(R) Processor Graphics (x32 Version: 9.17.10.2849)</p><p>Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207)</p><p>Intel® Trusted Connect Service Client (Version: 1.24.738.1)</p><p>iTunes (Version: 11.0.2.26)</p><p>Java 7 Update 11 (64-bit) (Version: 7.0.110)</p><p>Java 7 Update 25 (x32 Version: 7.0.250)</p><p>Java Auto Updater (x32 Version: 2.1.9.5)</p><p>Juniper Networks Network Connect 7.4.0 (x32 Version: 7.4.0.25351)</p><p>Juniper Networks, Inc. Setup Client (HKCU Version: 7.4.3.36355)</p><p>Juniper Networks, Inc. Setup Client 64-bit Activex Control (Version: 2.1.1.1)</p><p>Juniper Networks, Inc. Setup Client Activex Control (x32 Version: 2.1.1.1)</p><p>Junk Mail filter update (x32 Version: 16.4.3505.0912)</p><p>LogMeIn Hamachi (x32 Version: 2.1.0.374)</p><p>McAfee SecurityCenter (x32 Version: 12.1.353)</p><p>Microsoft Application Error Reporting (Version: 12.0.6015.5000)</p><p>Microsoft Office (x32 Version: 14.0.6120.5004)</p><p>Microsoft Office 2010 Service Pack 1 (SP1) (x32)</p><p>Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)</p><p>Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)</p><p>Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)</p><p>Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)</p><p>Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)</p><p>Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000)</p><p>Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)</p><p>Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)</p><p>Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)</p><p>Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)</p><p>Movie Maker (x32 Version: 16.4.3505.0912)</p><p>Mozilla Firefox 20.0.1 (x86 en-US) (x32 Version: 20.0.1)</p><p>Mozilla Maintenance Service (x32 Version: 20.0.1)</p><p>MSVCRT (x32 Version: 15.4.2862.0708)</p><p>MSVCRT Redists (x32 Version: 1.0)</p><p>MSVCRT_amd64 (x32 Version: 15.4.2862.0708)</p><p>MSVCRT110 (x32 Version: 16.4.1108.0727)</p><p>MSVCRT110_amd64 (Version: 16.4.1109.0912)</p><p>My Dell (Version: 3.3.6280.92)</p><p>MyTomTom 3.2.0.906 (x32 Version: 3.2.0.906)</p><p>Photo Gallery (x32 Version: 16.4.3505.0912)</p><p>Photo Story 3 for Windows (x32 Version: 3.0.1115.11)</p><p>QuickTime (x32 Version: 7.73.80.64)</p><p>RBVirtualFolder64Inst (Version: 1.00.0000)</p><p>ROBLOX Player for Lynne (HKCU)</p><p>ROBLOX Studio 2013 for Lynne (HKCU)</p><p>Roxio BackOnTrack (x32 Version: 4.5)</p><p>Roxio Burn (x32 Version: 2.0)</p><p>Roxio Central (x32 Version: 7.0.0)</p><p>Roxio Easy CD and DVD Burning (x32 Version: 1.4.222)</p><p>Roxio Easy CD and DVD Burning (x32 Version: 14.0.49.2)</p><p>Sendori (x32 Version: 2.0.15)</p><p>Shared C Run-time for x64 (Version: 10.0.0)</p><p>Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0)</p><p>swMSM (x32 Version: 12.0.0.1)</p><p>TeamViewer 8 (x32 Version: 8.0.16642)</p><p>Update for Microsoft Office 2010 (KB2553065) (x32)</p><p>Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2566458) (x32)</p><p>Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)</p><p>Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)</p><p>Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)</p><p>Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)</p><p>Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)</p><p>Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)</p><p>Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)</p><p>Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)</p><p>Vegas Pro 11.0 (x32 Version: 11.0.682)</p><p>Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0)</p><p>Windows Live Communications Platform (x32 Version: 16.4.3505.0912)</p><p>Windows Live Essentials (x32 Version: 16.4.3505.0912)</p><p>Windows Live Installer (x32 Version: 16.4.3505.0912)</p><p>Windows Live Mail (x32 Version: 16.4.3505.0912)</p><p>Windows Live Messenger (x32 Version: 16.4.3505.0912)</p><p>Windows Live MIME IFilter (Version: 16.4.3505.0912)</p><p>Windows Live Photo Common (x32 Version: 16.4.3505.0912)</p><p>Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)</p><p>Windows Live SOXE (x32 Version: 16.4.3505.0912)</p><p>Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)</p><p>Windows Live UX Platform (x32 Version: 16.4.3505.0912)</p><p>Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)</p><p>Windows Live Writer (x32 Version: 16.4.3505.0912)</p><p>Windows Live Writer Resources (x32 Version: 16.4.3505.0912)</p><p>WinRAR 4.20 (64-bit) (Version: 4.20.0)</p><p>WinRAR Packages (HKCU)</p><p></p><p>==================== Restore Points =========================</p><p></p><p>07-09-2013 23:22:03 Installed McAfee VirusScan Enterprise.</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>2012-07-26 01:26 - 2013-08-30 10:10 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p>Task: {04775B23-53A9-417C-A988-49D3DD31FB23} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect</p><p>Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation)</p><p>Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical</p><p>Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler</p><p>Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)</p><p>Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents</p><p>Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance</p><p>Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy</p><p>Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)</p><p>Task: {2A65F893-A5C5-4DAB-A650-FD99BD475D3F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task</p><p>Task: {2AC0D6D8-21E7-4491-8141-8BA8FAC7163A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall</p><p>Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh</p><p>Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks</p><p>Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update</p><p>Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator</p><p>Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask</p><p>Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem</p><p>Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance</p><p>Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage</p><p>Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)</p><p>Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon</p><p>Task: {4F7D2764-C269-47B6-8086-988B898844EA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall</p><p>Task: {50ABA94D-E849-485E-BA91-174F2C685EAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.)</p><p>Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance</p><p>Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required</p><p>Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation)</p><p>Task: {66FE2F79-6950-4974-B108-1DCFAF95098F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.)</p><p>Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)</p><p>Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319</p><p>Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update</p><p>Task: {76413BDF-12A3-40F8-BDD8-A78B10C837C2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-05-07] (PC-Doctor, Inc.)</p><p>Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance</p><p>Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance</p><p>Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)</p><p>Task: {900E75C3-A5F3-4FD1-91F5-C330F3882810} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1091386282-3387701449-470047853-1001</p><p>Task: {901E0C63-1A9B-4675-8F15-FA8B43273EC0} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1091386282-3387701449-470047853-1004 => C:\Windows\System32\portabledeviceapi.dll [2012-07-25] (Microsoft Corporation)</p><p>Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses</p><p>Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime</p><p>Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64</p><p>Task: {9605EB24-BED2-40BA-BA91-960249578E1E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv</p><p>Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic</p><p>Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)</p><p>Task: {A7AA1B0E-2FFF-49FD-8509-E5EB90F5A8A2} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe</p><p>Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask</p><p>Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh</p><p>Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask</p><p>Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask</p><p>Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan</p><p>Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific</p><p>Task: {BD5B181F-2A05-4F6F-B973-D46ECF18C53F} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2012-12-07] (Glarysoft Ltd)</p><p>Task: {BD60E878-672E-4B3D-A3BE-0058AADB6F68} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup</p><p>Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan</p><p>Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender</p><p>Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-25] (Microsoft Corporation)</p><p>Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork</p><p>Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical</p><p>Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery</p><p>Task: {E18BC818-DF31-4BD5-8178-197393ED16CB} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-07-17] (PC-Doctor, Inc.)</p><p>Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask</p><p>Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)</p><p>Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started</p><p>Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-25] (Microsoft Corporation)</p><p>Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM</p><p>Task: {F5AB8BF7-6B84-494D-9200-CEC052A6D37C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc</p><p>Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p></p><p>==================== Loaded Modules (whitelisted) =============</p><p></p><p>2012-12-23 16:28 - 2012-12-23 16:28 - 01989632 _____ (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll</p><p>2012-07-26 03:55 - 2012-07-26 03:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll</p><p>2013-02-03 18:54 - 2013-02-03 18:54 - 00244696 _____ (Microsoft Corporation) C:\Users\Lynne\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll</p><p>2013-02-03 18:54 - 2013-02-03 18:54 - 00661448 _____ (Microsoft Corporation) C:\Users\Lynne\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCP110.dll</p><p>2013-02-03 18:54 - 2013-02-03 18:54 - 00828872 _____ (Microsoft Corporation) C:\Users\Lynne\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCR110.dll</p><p>2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF</p><p>2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll</p><p>2012-12-23 16:28 - 2012-12-23 16:28 - 00741888 _____ (IvoSoft) C:\Program Files\Classic Shell\ClassicExplorer64.dll</p><p>2012-10-06 01:12 - 2012-10-06 01:12 - 00286208 _____ (Intel Corporation) C:\Windows\system32\</p></blockquote><p></p>
[QUOTE="lshendee, post: 134886, member: 12507"] Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 Ran by Lynne (administrator) on LYNNEHENDEE on 09-09-2013 06:32:11 Running from E:\ Windows 8 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe () C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\system32\mfevtps.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe (Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe (McAfee, Inc.) C:\PROGRA~1\McAfee\MSC\McAPExe.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Roxio Burn\RoxioBurnLauncher.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\system32\prevhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe (McAfee, Inc.) c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16613_none_6273bd8950d6cae2\TiWorker.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKCU\...\Run: [MyTomTomSA.exe] - C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [451656 2013-01-07] (TomTom) HKCU\...\Run: [GoogleChromeAutoLaunch_6A12F0BBFE608579AB07135F9DFD76FE] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [829392 2013-09-02] (Google Inc.) MountPoints2: {67ec6cba-6534-11e2-be78-7845c4380f68} - "H:\MI.exe" HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation) HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [Sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.) HKLM-x32\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.) HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Common\RoxWatchTray14.exe [294032 2012-11-29] (Corel Corporation) HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-05-15] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [454600 2013-02-28] (McAfee, Inc.) HKU\Mackinaw\...\Run: [MyTomTomSA.exe] - C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [451656 2013-01-07] (TomTom) IMEO\sidebar.exe: [Debugger] C:\Program Files (x86)\Windows Sidebar\8GadgetPack.exe -run Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM - {7E492935-6215-4766-95F8-83CA18516A2B} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS SearchScopes: HKLM-x32 - {7E492935-6215-4766-95F8-83CA18516A2B} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS SearchScopes: HKCU - {7E492935-6215-4766-95F8-83CA18516A2B} URL = SearchScopes: HKCU - {FA533155-F2FE-4486-842E-089EA28D3653} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms} BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) FireFox: ======== FF ProfilePath: C:\Users\Lynne\AppData\Roaming\Mozilla\Firefox\Profiles\r4q34n7i.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll () FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Lynne\AppData\Local\Roblox\Versions\version-759151294bb84441\\NPRobloxProxy.dll ( ROBLOX Corporation) FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\jmwgabsbmtxairm@wzcttjml.com FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK Chrome: ======= CHR DefaultSearchURL: (Ask) - http://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=41C38969-F144-4076-AF1F-68B126EDBA2C&apn_ptnrs=TV&apn_sauid=834568E3-43CA-425C-AEED-70BB0522D6BF&apn_dtid=OSJ000YYUS&q={searchTerms} CHR DefaultSuggestURL: (Ask) - http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Roblox Launcher Plugin) - C:\Users\Lynne\AppData\Local\Roblox\Versions\version-9ae7cc04e47a4b12\\NPRobloxProxy.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () CHR Extension: (Google Docs) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (SiteAdvisor) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1241_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR Extension: (Gmail) - C:\Users\Lynne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx ==================== Services (Whitelisted) ================= R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] () R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.) R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] () R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-23] (IvoSoft) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [388680 2013-08-23] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-02-28] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-04-03] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-04-03] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Roxio Burn\RoxioBurnLauncher.exe [535184 2012-07-05] () S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Common\RoxMediaDB14.exe [1096848 2012-11-29] (Corel Corporation) S2 RoxWatch14; C:\Program Files (x86)\Roxio Easy CD & DVD Burning\Common\RoxWatch14.exe [341136 2012-11-29] (Corel Corporation) R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-11-26] (SoftThinks SAS) R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) S2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [x] ==================== Drivers (Whitelisted) ==================== R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-04-03] (McAfee, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-04-03] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309968 2013-04-03] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69240 2013-04-03] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [516608 2013-04-03] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [772944 2013-04-03] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [337120 2013-02-18] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95856 2013-02-18] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [342416 2013-04-03] (McAfee, Inc.) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation) R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation) R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation) S3 ArcCD; No ImagePath U1 ArcRec; No ImagePath S4 ArcUdfs; No ImagePath ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-09 06:22 - 2013-09-09 06:22 - 01948948 _____ (Farbar) C:\Users\Lynne\Downloads\FRST64.exe 2013-09-09 06:08 - 2013-09-09 06:16 - 00000000 ____D C:\AdwCleaner 2013-09-08 15:34 - 2013-09-08 15:34 - 00000000 ____D C:\Users\Lynne\Desktop\Computer Issues 2013-09-07 19:45 - 2013-09-09 06:24 - 00001846 _____ C:\Users\Public\Desktop\McAfee Security Center.lnk 2013-09-07 19:44 - 2013-09-08 09:18 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files\McAfee.com 2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files\McAfee 2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files (x86)\McAfee.com 2013-09-07 19:44 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys 2013-09-07 19:38 - 2013-04-03 13:34 - 00182752 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe 2013-09-07 19:33 - 2013-09-07 19:33 - 05102984 _____ (McAfee, Inc.) C:\Users\Lynne\Downloads\McAfeeSetup.exe 2013-09-07 19:26 - 2013-09-07 19:26 - 46812214 _____ (InstallShield Software Corporation) C:\Users\Mackinaw\Downloads\VSE88P3.exe 2013-09-07 17:37 - 2013-09-07 17:37 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Malwarebytes 2013-09-07 17:37 - 2013-09-07 17:37 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-07 15:57 - 2013-09-07 15:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lynne\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-07 15:41 - 2013-09-08 10:15 - 00000000 ____D C:\Users\Lynne\Desktop\RK_Quarantine 2013-09-07 13:28 - 2013-09-07 14:29 - 00000646 _____ C:\Users\Lynne\Downloads\Stinger_07092013_132803.html 2013-09-07 13:25 - 2013-09-07 13:25 - 00000000 ____D C:\Windows\pss 2013-09-07 11:55 - 2013-09-07 11:55 - 00000000 _____ C:\Users\Lynne\Downloads\Stinger_07092013_115540.html 2013-09-07 10:05 - 2013-09-07 10:05 - 00060014 _____ C:\Users\Lynne\Downloads\Extras.Txt 2013-09-07 10:04 - 2013-09-07 10:04 - 00113400 _____ C:\Users\Lynne\Downloads\OTL.Txt 2013-09-07 09:56 - 2013-09-09 06:21 - 00000000 ____D C:\Users\Lynne\Desktop\0 ACCESSSSS 2013-09-07 09:32 - 2013-09-07 09:33 - 00000274 _____ C:\Users\Lynne\Downloads\RootkitRemover20130907093205.txt 2013-09-07 09:26 - 2013-09-07 09:27 - 00001015 _____ C:\Users\Lynne\Downloads\Stinger_07092013_092623.html 2013-09-07 09:26 - 2013-09-07 09:26 - 00000000 ____D C:\Quarantine 2013-09-07 09:25 - 2013-09-07 17:36 - 00000000 ____D C:\Program Files\stinger 2013-09-07 09:25 - 2013-09-07 09:26 - 00498508 _____ C:\Users\Lynne\Downloads\runtime.dat 2013-09-07 09:25 - 2013-09-07 09:26 - 00000114 ___RH C:\Users\Lynne\Downloads\Stinger.opt 2013-09-07 09:09 - 2013-09-07 09:09 - 03856847 _____ C:\Users\Lynne\Downloads\epo5600eng.zip 2013-09-07 09:01 - 2013-09-07 09:23 - 00007605 _____ C:\Users\Lynne\AppData\Local\resmon.resmoncfg 2013-09-07 07:15 - 2013-09-07 07:17 - 00000274 _____ C:\Users\Lynne\Downloads\RootkitRemover20130907071555.txt 2013-09-07 07:15 - 2013-09-07 07:15 - 00551408 _____ (McAfee, Inc.) C:\Users\Lynne\Downloads\rootkitremover.exe 2013-09-06 20:50 - 2013-09-06 20:50 - 00000000 ____D C:\ProgramData\softthinks 2013-09-06 19:46 - 2013-09-06 20:50 - 00000000 ____D C:\Users\Lynne\Documents\Profile1 2013-09-05 17:09 - 2013-09-05 17:11 - 00001177 _____ C:\Users\Mackinaw\Desktop\ROBLOX Studio 2013.lnk 2013-09-05 17:09 - 2013-09-05 17:09 - 00543088 _____ (ROBLOX Corporation) C:\Users\Mackinaw\Downloads\RobloxPlayerLauncher.exe 2013-09-05 17:09 - 2013-09-05 17:09 - 00000000 ____D C:\Users\Mackinaw\AppData\Local\Roblox 2013-09-05 17:05 - 2013-09-05 17:05 - 00000000 ____D C:\ProgramData\nbaby 2013-08-30 08:51 - 2013-08-30 08:51 - 00000000 ____D C:\Users\Public\Juniper Networks 2013-08-30 08:51 - 2013-05-23 18:29 - 00594024 _____ (Juniper Networks) C:\Windows\system32\dsNcSmartCardProv.dll 2013-08-30 08:51 - 2013-05-23 18:29 - 00423528 _____ (Juniper Networks) C:\Windows\system32\dsNcCredProv.dll 2013-08-30 08:50 - 2013-08-30 08:51 - 00000000 ____D C:\Program Files (x86)\Juniper Networks 2013-08-30 08:49 - 2013-08-30 08:49 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (3).exe 2013-08-30 08:48 - 2013-08-30 09:02 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Juniper Networks 2013-08-30 08:48 - 2013-08-30 08:48 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (2).exe 2013-08-30 08:48 - 2013-08-30 08:48 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-08-30 08:48 - 2013-08-30 08:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-08-30 08:48 - 2013-08-30 08:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-08-30 08:48 - 2013-08-30 08:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-08-30 08:48 - 2013-08-30 08:48 - 00000000 ____D C:\Users\Lynne\AppData\Local\Juniper Networks 2013-08-30 08:46 - 2013-08-30 08:47 - 00903080 _____ (Oracle Corporation) C:\Users\Lynne\Downloads\chromeinstall-7u25.exe 2013-08-30 08:46 - 2013-08-30 08:46 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller.exe 2013-08-30 08:46 - 2013-08-30 08:46 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (1).exe 2013-08-29 15:57 - 2013-08-29 16:41 - 00000000 ____D C:\Users\Mackinaw\AppData\Roaming\.minecraft 2013-08-29 15:57 - 2013-08-29 15:57 - 00675988 _____ C:\Users\Mackinaw\Downloads\Minecraft.exe 2013-08-14 11:37 - 2013-08-14 11:39 - 00000000 ____D C:\Windows\system32\MRT 2013-08-14 09:16 - 2013-07-09 02:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 09:16 - 2013-05-23 19:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 09:16 - 2013-05-23 18:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-14 09:15 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-14 09:15 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-14 09:15 - 2013-07-26 01:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2013-08-14 09:15 - 2013-07-26 01:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2013-08-14 09:15 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-14 09:15 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-14 09:15 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-14 09:15 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-14 09:15 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-14 09:15 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-14 09:15 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-14 09:15 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-14 09:15 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-14 09:15 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-14 09:15 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-14 09:15 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-14 09:15 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-14 09:15 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-14 09:15 - 2013-07-25 23:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2013-08-14 09:15 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-14 09:15 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-14 09:15 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-14 09:15 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-14 09:15 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-14 09:15 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-14 09:15 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-14 09:15 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-14 09:15 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-14 09:15 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-14 09:15 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-14 09:15 - 2013-07-25 20:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2013-08-14 09:15 - 2013-07-13 02:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 09:15 - 2013-07-13 02:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 09:15 - 2013-07-13 02:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 09:15 - 2013-07-13 02:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2013-08-14 09:15 - 2013-07-13 02:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2013-08-14 09:15 - 2013-07-13 00:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-14 09:15 - 2013-07-13 00:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-14 09:15 - 2013-07-13 00:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2013-08-14 09:15 - 2013-07-13 00:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2013-08-14 09:15 - 2013-07-01 20:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2013-08-14 09:15 - 2013-07-01 18:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys ==================== One Month Modified Files and Folders ======= 2013-09-09 06:31 - 2012-12-09 15:27 - 01928767 _____ C:\Windows\WindowsUpdate.log 2013-09-09 06:31 - 2012-07-26 03:28 - 00849856 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-09 06:30 - 2012-07-26 03:21 - 00028342 _____ C:\Windows\setupact.log 2013-09-09 06:28 - 2013-09-09 06:28 - 00000000 ____D C:\FRST 2013-09-09 06:26 - 2012-11-01 12:56 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2013-09-09 06:24 - 2013-09-07 19:45 - 00001846 _____ C:\Users\Public\Desktop\McAfee Security Center.lnk 2013-09-09 06:24 - 2012-12-09 15:36 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1091386282-3387701449-470047853-1001 2013-09-09 06:22 - 2013-09-09 06:22 - 01948948 _____ (Farbar) C:\Users\Lynne\Downloads\FRST64.exe 2013-09-09 06:21 - 2013-09-07 09:56 - 00000000 ____D C:\Users\Lynne\Desktop\0 ACCESSSSS 2013-09-09 06:18 - 2013-03-11 11:43 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-09 06:18 - 2012-12-26 13:57 - 00000348 _____ C:\Windows\Tasks\GlaryInitialize.job 2013-09-09 06:18 - 2012-07-26 03:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-09 06:16 - 2013-09-09 06:08 - 00000000 ____D C:\AdwCleaner 2013-09-09 06:03 - 2013-03-11 11:43 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-09 06:00 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\system32\sru 2013-09-08 16:45 - 2013-01-29 20:18 - 00000000 ____D C:\Users\Lynne\AppData\Local\LogMeIn Hamachi 2013-09-08 15:58 - 2012-12-16 16:24 - 00000000 ____D C:\ProgramData\CanonIJPLM 2013-09-08 15:43 - 2012-03-31 11:34 - 00000000 ____D C:\Users\Lynne\Desktop\K E N N E T H 2013-09-08 15:34 - 2013-09-08 15:34 - 00000000 ____D C:\Users\Lynne\Desktop\Computer Issues 2013-09-08 15:26 - 2012-11-01 12:53 - 00000000 ____D C:\ProgramData\McAfee 2013-09-08 10:15 - 2013-09-07 15:41 - 00000000 ____D C:\Users\Lynne\Desktop\RK_Quarantine 2013-09-08 09:18 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-09-08 09:17 - 2012-12-31 10:57 - 00000000 ____D C:\Windows\Minidump 2013-09-08 09:17 - 2012-11-01 14:39 - 00107636 _____ C:\Windows\PFRO.log 2013-09-08 08:31 - 2012-07-26 01:26 - 00262144 ___SH C:\Windows\system32\config\ELAM 2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files\McAfee.com 2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files\McAfee 2013-09-07 19:44 - 2013-09-07 19:44 - 00000000 ____D C:\Program Files (x86)\McAfee.com 2013-09-07 19:44 - 2012-11-01 12:53 - 00000000 ____D C:\Program Files\Common Files\mcafee 2013-09-07 19:44 - 2012-07-26 04:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2013-09-07 19:33 - 2013-09-07 19:33 - 05102984 _____ (McAfee, Inc.) C:\Users\Lynne\Downloads\McAfeeSetup.exe 2013-09-07 19:26 - 2013-09-07 19:26 - 46812214 _____ (InstallShield Software Corporation) C:\Users\Mackinaw\Downloads\VSE88P3.exe 2013-09-07 19:16 - 2013-04-26 08:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-07 18:56 - 2010-08-20 20:28 - 00000000 ____D C:\Users\Lynne\Desktop\L Y N N E 2013-09-07 17:37 - 2013-09-07 17:37 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Malwarebytes 2013-09-07 17:37 - 2013-09-07 17:37 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-07 17:36 - 2013-09-07 09:25 - 00000000 ____D C:\Program Files\stinger 2013-09-07 15:57 - 2013-09-07 15:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lynne\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-07 14:29 - 2013-09-07 13:28 - 00000646 _____ C:\Users\Lynne\Downloads\Stinger_07092013_132803.html 2013-09-07 13:25 - 2013-09-07 13:25 - 00000000 ____D C:\Windows\pss 2013-09-07 11:55 - 2013-09-07 11:55 - 00000000 _____ C:\Users\Lynne\Downloads\Stinger_07092013_115540.html 2013-09-07 10:05 - 2013-09-07 10:05 - 00060014 _____ C:\Users\Lynne\Downloads\Extras.Txt 2013-09-07 10:04 - 2013-09-07 10:04 - 00113400 _____ C:\Users\Lynne\Downloads\OTL.Txt 2013-09-07 09:33 - 2013-09-07 09:32 - 00000274 _____ C:\Users\Lynne\Downloads\RootkitRemover20130907093205.txt 2013-09-07 09:27 - 2013-09-07 09:26 - 00001015 _____ C:\Users\Lynne\Downloads\Stinger_07092013_092623.html 2013-09-07 09:26 - 2013-09-07 09:26 - 00000000 ____D C:\Quarantine 2013-09-07 09:26 - 2013-09-07 09:25 - 00498508 _____ C:\Users\Lynne\Downloads\runtime.dat 2013-09-07 09:26 - 2013-09-07 09:25 - 00000114 ___RH C:\Users\Lynne\Downloads\Stinger.opt 2013-09-07 09:23 - 2013-09-07 09:01 - 00007605 _____ C:\Users\Lynne\AppData\Local\resmon.resmoncfg 2013-09-07 09:09 - 2013-09-07 09:09 - 03856847 _____ C:\Users\Lynne\Downloads\epo5600eng.zip 2013-09-07 07:17 - 2013-09-07 07:15 - 00000274 _____ C:\Users\Lynne\Downloads\RootkitRemover20130907071555.txt 2013-09-07 07:15 - 2013-09-07 07:15 - 00551408 _____ (McAfee, Inc.) C:\Users\Lynne\Downloads\rootkitremover.exe 2013-09-06 20:50 - 2013-09-06 20:50 - 00000000 ____D C:\ProgramData\softthinks 2013-09-06 20:50 - 2013-09-06 19:46 - 00000000 ____D C:\Users\Lynne\Documents\Profile1 2013-09-06 20:50 - 2012-11-01 16:14 - 00000000 __SHD C:\System Recovery 2013-09-06 19:43 - 2012-12-09 16:18 - 00000000 ____D C:\Users\Lynne\AppData\Local\softthinks 2013-09-06 07:10 - 2012-12-09 18:52 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\.minecraft 2013-09-05 21:00 - 2012-07-26 01:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2013-09-05 17:17 - 2012-12-11 21:18 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2013-09-05 17:16 - 2013-06-09 17:00 - 00001174 _____ C:\Users\Lynne\Desktop\ROBLOX Studio 2013.lnk 2013-09-05 17:11 - 2013-09-05 17:09 - 00001177 _____ C:\Users\Mackinaw\Desktop\ROBLOX Studio 2013.lnk 2013-09-05 17:09 - 2013-09-05 17:09 - 00543088 _____ (ROBLOX Corporation) C:\Users\Mackinaw\Downloads\RobloxPlayerLauncher.exe 2013-09-05 17:09 - 2013-09-05 17:09 - 00000000 ____D C:\Users\Mackinaw\AppData\Local\Roblox 2013-09-05 17:08 - 2013-04-14 20:13 - 00000000 ____D C:\Users\Mackinaw\AppData\Local\LogMeIn Hamachi 2013-09-05 17:05 - 2013-09-05 17:05 - 00000000 ____D C:\ProgramData\nbaby 2013-09-05 17:03 - 2012-12-22 20:40 - 00000000 ____D C:\ProgramData\Sendori 2013-09-05 07:19 - 2010-10-04 12:59 - 04594688 ___SH C:\Users\Lynne\Desktop\Thumbs.db 2013-09-05 06:34 - 2012-12-09 15:43 - 00000000 ____D C:\Program Files (x86)\Google 2013-08-31 12:21 - 2012-12-17 07:21 - 00000000 ____D C:\Users\Lynne\AppData\Local\Windows Live 2013-08-30 09:02 - 2013-08-30 08:48 - 00000000 ____D C:\Users\Lynne\AppData\Roaming\Juniper Networks 2013-08-30 08:51 - 2013-08-30 08:51 - 00000000 ____D C:\Users\Public\Juniper Networks 2013-08-30 08:51 - 2013-08-30 08:50 - 00000000 ____D C:\Program Files (x86)\Juniper Networks 2013-08-30 08:49 - 2013-08-30 08:49 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (3).exe 2013-08-30 08:48 - 2013-08-30 08:48 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (2).exe 2013-08-30 08:48 - 2013-08-30 08:48 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-08-30 08:48 - 2013-08-30 08:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-08-30 08:48 - 2013-08-30 08:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-08-30 08:48 - 2013-08-30 08:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-08-30 08:48 - 2013-08-30 08:48 - 00000000 ____D C:\Users\Lynne\AppData\Local\Juniper Networks 2013-08-30 08:48 - 2012-12-09 18:52 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-08-30 08:48 - 2012-12-09 18:52 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-08-30 08:47 - 2013-08-30 08:46 - 00903080 _____ (Oracle Corporation) C:\Users\Lynne\Downloads\chromeinstall-7u25.exe 2013-08-30 08:46 - 2013-08-30 08:46 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller.exe 2013-08-30 08:46 - 2013-08-30 08:46 - 01791496 _____ (Juniper Networks, Inc.) C:\Users\Lynne\Downloads\JuniperSetupClientInstaller (1).exe 2013-08-30 04:18 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-08-29 18:11 - 2012-12-21 07:54 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-29 16:41 - 2013-08-29 15:57 - 00000000 ____D C:\Users\Mackinaw\AppData\Roaming\.minecraft 2013-08-29 16:01 - 2013-04-18 20:17 - 00000000 ____D C:\Users\Mackinaw\AppData\Local\Clipboarder 2013-08-29 15:57 - 2013-08-29 15:57 - 00675988 _____ C:\Users\Mackinaw\Downloads\Minecraft.exe 2013-08-19 17:46 - 2010-11-21 18:51 - 00000000 ____D C:\Users\Lynne\Desktop\M A C 2013-08-15 10:20 - 2012-07-26 04:12 - 00000000 ____D C:\Windows\rescache 2013-08-15 07:20 - 2012-07-26 04:12 - 00000000 ____D C:\Program Files\Windows Defender 2013-08-15 07:20 - 2012-07-26 04:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-08-14 11:39 - 2013-08-14 11:37 - 00000000 ____D C:\Windows\system32\MRT 2013-08-14 11:37 - 2012-12-13 04:05 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\Lynne\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe C:\Users\Lynne\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-09 03:01 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013 Ran by Lynne at 2013-09-09 06:32:56 Running from E:\ Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 8GadgetPack (x32 Version: 4.1.0) Adobe Flash Player 11 Plugin (x32 Version: 11.5.502.146) Adobe Photoshop Elements 2.0 (x32 Version: 2.0) Adobe Reader XI (11.0.01) (x32 Version: 11.0.01) Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133) Amazon Browser App (x32 Version: 1.0.0.0) Any Video Converter 5.0.5 (x32) Apple Application Support (x32 Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Bonjour (Version: 3.0.0.10) Canon Easy-PhotoPrint EX (x32) Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data (x32) Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data (x32) Canon Easy-PhotoPrint Pro (x32) Canon MG8100 series MP Drivers Canon MP Navigator EX 4.0 (x32) Canon My Printer (x32) Canon Solution Menu EX (x32) Classic Shell (Version: 3.6.4) CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a) CyberLink Media Suite 10 (x32 Version: 10.0.1.1913) CyberLink Media Suite Essentials (x32 Version: 10.0) CyberLink Power2Go 8 (x32 Version: 8.0.0.1904) CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904) CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52) D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Dell Backup and Recovery - Support Software (x32 Version: 1.0.0.5) Dell Backup and Recovery (x32 Version: 1.0.0.5) Dell Digital Delivery (x32 Version: 2.2.4000.0) Dell Wireless Driver Installation (x32 Version: 10.0) DirectX 9 Runtime (x32 Version: 1.00.0000) Easy CD & DVD Burning Content (x32 Version: 14.0.030) exant SmartAudio HD (Version: 8.50.12.0) GIMP 2.8.4 (Version: 2.8.4) Glary Utilities 2.51.0.1666 (x32 Version: 2.51.0.1666) Google Chrome (x32 Version: 29.0.1547.66) Google Update Helper (x32 Version: 1.3.21.153) Intel(R) Control Center (x32 Version: 1.2.1.1008) Intel(R) Management Engine Components (x32 Version: 8.1.0.1281) Intel(R) Processor Graphics (x32 Version: 9.17.10.2849) Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207) Intel® Trusted Connect Service Client (Version: 1.24.738.1) iTunes (Version: 11.0.2.26) Java 7 Update 11 (64-bit) (Version: 7.0.110) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Juniper Networks Network Connect 7.4.0 (x32 Version: 7.4.0.25351) Juniper Networks, Inc. Setup Client (HKCU Version: 7.4.3.36355) Juniper Networks, Inc. Setup Client 64-bit Activex Control (Version: 2.1.1.1) Juniper Networks, Inc. Setup Client Activex Control (x32 Version: 2.1.1.1) Junk Mail filter update (x32 Version: 16.4.3505.0912) LogMeIn Hamachi (x32 Version: 2.1.0.374) McAfee SecurityCenter (x32 Version: 12.1.353) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office (x32 Version: 14.0.6120.5004) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000) Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000) Microsoft SkyDrive (HKCU Version: 16.4.6013.0910) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Movie Maker (x32 Version: 16.4.3505.0912) Mozilla Firefox 20.0.1 (x86 en-US) (x32 Version: 20.0.1) Mozilla Maintenance Service (x32 Version: 20.0.1) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT Redists (x32 Version: 1.0) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSVCRT110 (x32 Version: 16.4.1108.0727) MSVCRT110_amd64 (Version: 16.4.1109.0912) My Dell (Version: 3.3.6280.92) MyTomTom 3.2.0.906 (x32 Version: 3.2.0.906) Photo Gallery (x32 Version: 16.4.3505.0912) Photo Story 3 for Windows (x32 Version: 3.0.1115.11) QuickTime (x32 Version: 7.73.80.64) RBVirtualFolder64Inst (Version: 1.00.0000) ROBLOX Player for Lynne (HKCU) ROBLOX Studio 2013 for Lynne (HKCU) Roxio BackOnTrack (x32 Version: 4.5) Roxio Burn (x32 Version: 2.0) Roxio Central (x32 Version: 7.0.0) Roxio Easy CD and DVD Burning (x32 Version: 1.4.222) Roxio Easy CD and DVD Burning (x32 Version: 14.0.49.2) Sendori (x32 Version: 2.0.15) Shared C Run-time for x64 (Version: 10.0.0) Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0) swMSM (x32 Version: 12.0.0.1) TeamViewer 8 (x32 Version: 8.0.16642) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Vegas Pro 11.0 (x32 Version: 11.0.682) Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0) Windows Live Communications Platform (x32 Version: 16.4.3505.0912) Windows Live Essentials (x32 Version: 16.4.3505.0912) Windows Live Installer (x32 Version: 16.4.3505.0912) Windows Live Mail (x32 Version: 16.4.3505.0912) Windows Live Messenger (x32 Version: 16.4.3505.0912) Windows Live MIME IFilter (Version: 16.4.3505.0912) Windows Live Photo Common (x32 Version: 16.4.3505.0912) Windows Live PIMT Platform (x32 Version: 16.4.3505.0912) Windows Live SOXE (x32 Version: 16.4.3505.0912) Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912) Windows Live UX Platform (x32 Version: 16.4.3505.0912) Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912) Windows Live Writer (x32 Version: 16.4.3505.0912) Windows Live Writer Resources (x32 Version: 16.4.3505.0912) WinRAR 4.20 (64-bit) (Version: 4.20.0) WinRAR Packages (HKCU) ==================== Restore Points ========================= 07-09-2013 23:22:03 Installed McAfee VirusScan Enterprise. ==================== Hosts content: ========================== 2012-07-26 01:26 - 2013-08-30 10:10 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {04775B23-53A9-417C-A988-49D3DD31FB23} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation) Task: {2A65F893-A5C5-4DAB-A650-FD99BD475D3F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {2AC0D6D8-21E7-4491-8141-8BA8FAC7163A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {4F7D2764-C269-47B6-8086-988B898844EA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {50ABA94D-E849-485E-BA91-174F2C685EAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.) Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation) Task: {66FE2F79-6950-4974-B108-1DCFAF95098F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.) Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {76413BDF-12A3-40F8-BDD8-A78B10C837C2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-05-07] (PC-Doctor, Inc.) Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {900E75C3-A5F3-4FD1-91F5-C330F3882810} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1091386282-3387701449-470047853-1001 Task: {901E0C63-1A9B-4675-8F15-FA8B43273EC0} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1091386282-3387701449-470047853-1004 => C:\Windows\System32\portabledeviceapi.dll [2012-07-25] (Microsoft Corporation) Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {9605EB24-BED2-40BA-BA91-960249578E1E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation) Task: {A7AA1B0E-2FFF-49FD-8509-E5EB90F5A8A2} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {BD5B181F-2A05-4F6F-B973-D46ECF18C53F} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2012-12-07] (Glarysoft Ltd) Task: {BD60E878-672E-4B3D-A3BE-0058AADB6F68} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-25] (Microsoft Corporation) Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E18BC818-DF31-4BD5-8178-197393ED16CB} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-07-17] (PC-Doctor, Inc.) Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation) Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-25] (Microsoft Corporation) Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: {F5AB8BF7-6B84-494D-9200-CEC052A6D37C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-12-23 16:28 - 2012-12-23 16:28 - 01989632 _____ (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll 2012-07-26 03:55 - 2012-07-26 03:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2013-02-03 18:54 - 2013-02-03 18:54 - 00244696 _____ (Microsoft Corporation) C:\Users\Lynne\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll 2013-02-03 18:54 - 2013-02-03 18:54 - 00661448 _____ (Microsoft Corporation) C:\Users\Lynne\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCP110.dll 2013-02-03 18:54 - 2013-02-03 18:54 - 00828872 _____ (Microsoft Corporation) C:\Users\Lynne\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCR110.dll 2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2012-12-23 16:28 - 2012-12-23 16:28 - 00741888 _____ (IvoSoft) C:\Program Files\Classic Shell\ClassicExplorer64.dll 2012-10-06 01:12 - 2012-10-06 01:12 - 00286208 _____ (Intel Corporation) C:\Windows\system32\ [/QUOTE]
Insert quotes…
Verification
Post reply
Top