Jump to content

anthonyg138

Members
  • Posts

    4
  • Joined

  • Last visited

Everything posted by anthonyg138

  1. I ran the scan as recommended but it said no threat. I keep getting a pop up from Mcafee saying that it has interrupted a trojan. My computer appears to look normal, do I need to do anything further?
  2. RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7600 ) 64 bits version Started in : Normal mode User : Melissa G [Admin rights] Mode : Scan -- Date : 04/21/2013 14:21:17 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 5 ¤¤¤ [HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND [WALLP] HKCU\[...]\Desktop : Wallpaper (C:\Users\Melissa G\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST9320423AS ATA Device +++++ --- User --- [MBR] fc2cabb17a150767ac5d3fa0a4aaa1e2 [bSP] 486b6751896448cdb80371ee334e427f : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290129 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[3]_S_04212013_02d1421.txt >> RKreport[1]_S_03062013_02d2152.txt ; RKreport[2]_D_03062013_02d2154.txt ; RKreport[3]_S_04212013_02d1421.txt
  3. Got it to boot up. What should I do now run malware bytes?
  4. Hello I have run FRST.exe and here is the log: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-04-2013 01 Ran by Melissa G (administrator) on 21-04-2013 13:22:58 Running from E:\ Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Minimal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) [236] C:\Windows\system32\cmd.exe (Microsoft Corporation) [276] C:\Windows\system32\ctfmon.exe (Microsoft Corporation) [448] C:\Windows\System32\dinotify.exe (McAfee, Inc.) [708] C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (Farbar) [964] E:\FRST64.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1812776 2009-06-26] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7970848 2009-07-14] (Realtek Semiconductor) HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.) HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation) HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [560128 2011-09-16] (Dell) Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X] HKCU\...\Run: [googletalk] C:\Users\Melissa G\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [3739648 2007-01-01] (Google) HKCU\...\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation) HKCU\...\Run: [Google Update] "C:\Users\Melissa G\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-01-18] (Google Inc.) HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-12-03] (Google Inc.) HKCU\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.) HKCU\...\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [964024 2012-08-31] (Samsung) HKCU\...\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x] HKCU\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-08-31] () HKCU\...\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun [202296 2012-04-25] (Kaspersky Lab ZAO) HKCU\...\Run: [Adobe CSx Manager] C:\Users\Melissa G\AppData\Roaming\79d903db-c4c4-433e-b3e5-0cef0f481f5ead\ddbccebecefffead.exe [106496 2013-04-18] () HKCU\...\Run: [intel] C:\Users\Melissa G\AppData\Roaming\ugctbjug\fgbbwivv.exe [109568 2009-07-13] (Elemental Group) HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [560128 2011-09-16] (Dell) HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-06-24] (CyberLink Corp.) HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1534504 2013-01-14] (McAfee, Inc.) HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-10-15] () HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd) HKLM-x32\...\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [x] HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-07-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2012-11-28] (Apple Inc.) HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-08-31] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-01-17] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [] [x] HKLM-x32\...\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [1573576 2012-10-17] (Ask) HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1 URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {078ADC90-920E-4727-B349-F0A7BE17AA20} URL = SearchScopes: HKCU - {604A73AB-89E9-40C5-BB96-AF9D527B0EA7} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=07C0C391-507D-4F95-8A8A-106E7732F9B6&apn_sauid=60D95876-29DF-4E23-B38A-F72C33090F62 BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) PDF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [6670496 2012-08-16] (Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [4171424 2012-08-16] (Microsoft Corporation) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: hxxp://www.google.com/ CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Melissa G\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Melissa G\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\Melissa G\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll No File CHR Plugin: (Skype Toolbars) - C:\Users\Melissa G\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Google Talk Plugin) - C:\Users\Melissa G\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Melissa G\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 6 U32) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation) CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll () CHR Extension: (YouTube) - C:\Users\Melissa G\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Melissa G\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Gmail) - C:\Users\Melissa G\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ==================== Services (Whitelisted) ================= S2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202296 2012-04-25] (Kaspersky Lab ZAO) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.) S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.) S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.) S2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.) ==================== Drivers (Whitelisted) ==================== S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.) S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.) S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.) S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.) S3 cpuz134; \??\C:\Users\MELISS~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-04-21 13:22 - 2013-04-21 13:22 - 00000000 ____D C:\FRST 2013-04-20 01:01 - 2013-04-20 02:31 - 00000004 ____A C:\Users\Melissa G\AppData\Roaming\skype.ini 2013-04-18 23:04 - 2013-04-18 23:04 - 00109568 ____A (Elemental Group) C:\Users\Melissa G\skype.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00093184 ____A (Elemental Group) C:\Users\Melissa G\winlogon.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00093184 ____A (Elemental Group) C:\Users\Melissa G\java.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00000000 ____D C:\Users\Melissa G\AppData\Roaming\79d903db-c4c4-433e-b3e5-0cef0f481f5ead 2013-04-18 23:04 - 2013-04-18 23:04 - 00000000 ____A C:\Users\Melissa G\windowsupdate.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00000000 ____A C:\Users\Melissa G\rundll32.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00000000 ____A C:\Users\Melissa G\iexplore.exe 2013-04-11 03:04 - 2013-02-22 01:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-04-11 03:04 - 2013-02-22 01:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-04-11 03:04 - 2013-02-22 01:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-04-11 03:04 - 2013-02-22 01:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-04-11 03:04 - 2013-02-22 01:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-04-11 03:04 - 2013-02-22 01:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-04-11 03:04 - 2013-02-22 01:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-04-11 03:04 - 2013-02-22 01:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-04-11 03:04 - 2013-02-22 01:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-04-11 03:04 - 2013-02-22 01:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-04-11 03:04 - 2013-02-22 01:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-04-11 03:04 - 2013-02-22 01:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-04-11 03:04 - 2013-02-22 01:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-04-11 03:04 - 2013-02-22 01:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-04-11 03:04 - 2013-02-22 01:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-04-11 03:04 - 2013-02-21 23:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-04-11 03:04 - 2013-02-21 22:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-04-11 03:04 - 2013-02-21 22:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-04-11 03:04 - 2013-02-21 22:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-04-11 03:04 - 2013-02-21 22:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-04-11 03:04 - 2013-02-21 22:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-04-11 03:04 - 2013-02-21 22:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-04-11 03:04 - 2013-02-21 22:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-04-11 03:04 - 2013-02-21 22:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-04-11 03:04 - 2013-02-21 22:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-04-11 03:04 - 2013-02-21 22:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-04-11 03:04 - 2013-02-21 22:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-04-11 03:04 - 2013-02-21 22:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-04-11 03:04 - 2013-02-21 22:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-04-11 03:04 - 2013-02-21 22:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-04-11 03:03 - 2013-02-22 01:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-04-11 03:03 - 2013-02-21 22:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-04-10 09:27 - 2013-03-19 01:05 - 05466472 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2013-04-10 09:27 - 2013-03-02 00:52 - 01652568 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2013-04-10 09:27 - 2013-02-28 22:32 - 03150848 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-04-10 09:27 - 2013-02-12 10:42 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll 2013-04-10 09:27 - 2013-02-12 10:37 - 03138048 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll 2013-04-10 09:27 - 2013-02-12 10:31 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll 2013-04-10 09:27 - 2013-02-12 10:13 - 02691072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2013-04-10 09:27 - 2013-02-12 10:07 - 00131072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2013-04-10 09:27 - 2013-02-12 08:59 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2013-04-10 09:27 - 2013-01-24 00:41 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys 2013-04-10 09:26 - 2013-03-19 00:54 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll 2013-04-10 09:26 - 2013-03-19 00:51 - 00058368 ____A (Microsoft Corporation) C:\Windows\System32\appidapi.dll 2013-04-10 09:26 - 2013-03-19 00:51 - 00034304 ____A (Microsoft Corporation) C:\Windows\System32\appidsvc.dll 2013-04-10 09:26 - 2013-03-19 00:04 - 03971432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-04-10 09:26 - 2013-03-19 00:04 - 03915608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-04-10 09:26 - 2013-03-18 23:53 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-04-10 09:26 - 2013-03-18 23:49 - 00050688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2013-04-10 09:26 - 2013-03-18 22:57 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe 2013-04-10 09:26 - 2013-03-18 22:57 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys 2013-04-10 09:26 - 2013-03-18 22:57 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe 2013-04-10 09:26 - 2013-03-18 22:19 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe 2013-04-10 07:54 - 2013-04-10 07:54 - 00016854 ____A C:\Users\Melissa G\Downloads\products1.csv 2013-04-09 21:40 - 2013-04-09 21:40 - 00041322 ____A C:\Users\Melissa G\Downloads\orders (2).csv 2013-04-09 21:32 - 2013-04-09 21:32 - 00017187 ____A C:\Users\Melissa G\Downloads\products.csv 2013-04-02 21:26 - 2013-04-02 21:26 - 00000000 ____D C:\Users\Melissa G\AppData\Roaming\Mozilla 2013-03-30 08:16 - 2013-03-30 08:17 - 00726040 ____A C:\Windows\Minidump\033013-18985-01.dmp 2013-03-23 11:07 - 2013-03-23 11:08 - 41192768 ____A C:\Users\Melissa G\Downloads\PSP_table-tent_banner.zip ==================== One Month Modified Files and Folders ======= 2013-04-21 13:22 - 2013-04-21 13:22 - 00000000 ____D C:\FRST 2013-04-21 13:21 - 2009-07-14 00:13 - 00727310 ____A C:\Windows\System32\PerfStringBackup.INI 2013-04-20 02:31 - 2013-04-20 01:01 - 00000004 ____A C:\Users\Melissa G\AppData\Roaming\skype.ini 2013-04-20 02:30 - 2011-12-03 20:30 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-04-20 02:30 - 2010-12-11 22:43 - 00000000 ____D C:\Users\Melissa G\AppData\Local\SoftThinks 2013-04-20 02:30 - 2010-10-16 04:23 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup 2013-04-20 02:30 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-04-20 02:29 - 2009-07-13 23:51 - 00083690 ____A C:\Windows\setupact.log 2013-04-20 01:40 - 2009-07-14 00:10 - 01153412 ____A C:\Windows\WindowsUpdate.log 2013-04-20 01:02 - 2010-12-11 23:05 - 00000000 ____D C:\Users\Melissa G\AppData\Roaming\Skype 2013-04-20 01:00 - 2010-10-16 05:52 - 00154992 ____A C:\Windows\PFRO.log 2013-04-18 23:20 - 2011-12-03 20:30 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-04-18 23:13 - 2012-10-17 20:11 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-04-18 23:08 - 2011-01-18 07:46 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-741731264-724427569-3417338542-1001UA.job 2013-04-18 23:04 - 2013-04-18 23:04 - 00109568 ____A (Elemental Group) C:\Users\Melissa G\skype.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00093184 ____A (Elemental Group) C:\Users\Melissa G\winlogon.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00093184 ____A (Elemental Group) C:\Users\Melissa G\java.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00000000 ____D C:\Users\Melissa G\AppData\Roaming\79d903db-c4c4-433e-b3e5-0cef0f481f5ead 2013-04-18 23:04 - 2013-04-18 23:04 - 00000000 ____A C:\Users\Melissa G\windowsupdate.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00000000 ____A C:\Users\Melissa G\rundll32.exe 2013-04-18 23:04 - 2013-04-18 23:04 - 00000000 ____A C:\Users\Melissa G\iexplore.exe 2013-04-18 23:04 - 2010-12-11 22:43 - 00000000 ____D C:\users\Melissa G 2013-04-18 15:07 - 2009-07-13 23:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-04-18 15:07 - 2009-07-13 23:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-04-17 22:27 - 2012-11-11 19:37 - 00000000 ____D C:\Users\Melissa G\Documents\Petite Sweets 2013-04-17 19:57 - 2011-01-18 07:46 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-741731264-724427569-3417338542-1001Core.job 2013-04-11 03:25 - 2009-07-13 23:45 - 00410576 ____A C:\Windows\System32\FNTCACHE.DAT 2013-04-10 13:09 - 2012-01-20 20:15 - 00002391 ____A C:\Users\Melissa G\Desktop\Google Chrome.lnk 2013-04-10 07:54 - 2013-04-10 07:54 - 00016854 ____A C:\Users\Melissa G\Downloads\products1.csv 2013-04-09 21:40 - 2013-04-09 21:40 - 00041322 ____A C:\Users\Melissa G\Downloads\orders (2).csv 2013-04-09 21:32 - 2013-04-09 21:32 - 00017187 ____A C:\Users\Melissa G\Downloads\products.csv 2013-04-09 21:17 - 2012-10-22 20:37 - 00000000 ____D C:\Users\Melissa G\Petite Sweets 2013-04-05 21:27 - 2011-03-12 01:17 - 353361953 ____A C:\Windows\MEMORY.DMP 2013-04-05 21:27 - 2011-03-12 01:17 - 00000000 ____D C:\Windows\Minidump 2013-04-02 21:26 - 2013-04-02 21:26 - 00000000 ____D C:\Users\Melissa G\AppData\Roaming\Mozilla 2013-03-31 10:34 - 2013-03-06 23:29 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk 2013-03-31 10:34 - 2013-03-06 23:29 - 00002491 ____A C:\Users\Public\Desktop\Safari.lnk 2013-03-30 08:17 - 2013-03-30 08:16 - 00726040 ____A C:\Windows\Minidump\033013-18985-01.dmp 2013-03-26 20:42 - 2013-03-19 18:25 - 00010341 ____A C:\Users\Melissa G\Documents\Maintainenece phase.xlsx 2013-03-23 11:08 - 2013-03-23 11:07 - 41192768 ____A C:\Users\Melissa G\Downloads\PSP_table-tent_banner.zip Other Malware: =========== C:\Users\Melissa G\AppData\Roaming\skype.dat C:\Users\Melissa G\AppData\Roaming\skype.ini ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit Last Boot: 2013-04-17 20:51 ==================== End Of Log ============================ Additional Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-04-2013 01 Ran by Melissa G at 2013-04-21 13:24:23 Run: Running from E:\ Boot Mode: Minimal ========================================================== ==================== Installed Programs ======================= Accidental Damage Services Agreement (Version: 2.0.0) Adobe AIR (Version: 2.5.1.17730) Adobe Flash Player 11 ActiveX (Version: 11.6.602.180) Adobe Flash Player 11 Plugin (Version: 11.6.602.180) Adobe Reader X (10.1.6) (Version: 10.1.6) Advanced Audio FX Engine (Version: 1.12.05) Apple Application Support (Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (Version: 2.1.3.127) Ask Toolbar (Version: 1.15.9.0) Ask Toolbar Updater (Version: 1.2.3.29495) Banctec Service Agreement (Version: 2.0.0) Best Buy pc app (Version: 3.0.0.0) Best Buy pc app (Version: 3.1.2.0) Bing Bar (Version: 7.0.850.0) Bonjour (Version: 3.0.0.10) Club Player Casino (Version: 11.0.0) Complete Care Business Service Agreement (Version: 2.0.0) Consumer In-Home Service Agreement (Version: 2.0.0) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell DataSafe Local Backup - Support Software (Version: 2.34) Dell DataSafe Local Backup (Version: 9.4.51) Dell Dock (Version: 2.0) Dell Edoc Viewer (Version: 1.0.0) Dell Getting Started Guide (Version: 1.00.0000) Dell Home Systems Service Agreement (Version: 2.0.0) Dell Support Center (Version: 3.1.5830.17) Dell Touchpad (Version: 13.2.2.2) Dell Webcam Central (Version: 1.40.05) Google Chrome (Version: 26.0.1410.64) Google Talk (remove only) Google Talk Plugin (Version: 3.17.0.12440) Google Toolbar for Internet Explorer (Version: 1.0.0) Google Toolbar for Internet Explorer (Version: 7.4.3607.2246) Google Update Helper (Version: 1.3.21.135) GoToAssist 8.0.0.514 iCloud (Version: 2.1.1.3) Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202) iTunes (Version: 11.0.2.26) Java 7 Update 9 (Version: 7.0.90) Java Auto Updater (Version: 2.1.9.0) Java 6 Update 20 (64-bit) (Version: 6.0.200) Java 6 Update 32 (Version: 6.0.320) JavaFX 2.1.1 (Version: 2.1.1) Junk Mail filter update (Version: 14.0.8089.726) Kaspersky Security Scan (Version: 12.0.1.117) Live! Cam Avatar Creator (Version: 4.6.3009.1) Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100) McAfee SecurityCenter (Version: 11.6.477) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (Version: 2.0.48.0) Microsoft Office 2010 (Version: 14.0.4763.1000) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000) Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000) Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000) Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0) Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319) MobileMe Control Panel (Version: 3.1.8.0) MSVCRT (Version: 14.0.1468.721) PowerDVD DX (Version: 8.3.5424) Premium Service Agreement (Version: 2.0.0) QualxServ Service Agreement (Version: 2.0.0) Quickset64 (Version: 9.6.6) QuickTime (Version: 7.73.80.64) Realtek High Definition Audio Driver (Version: 6.0.1.5894) Roxio Burn (Version: 1.01) Safari (Version: 5.34.57.2) Samsung Kies (Version: 2.3.3.12085_7) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0) Shared C Run-time for x64 (Version: 10.0.0) Skype Click to Call (Version: 5.9.9216) Skype™ 5.10 (Version: 5.10.116) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Windows Live Call (Version: 14.0.8064.0206) Windows Live Communications Platform (Version: 14.0.8064.206) Windows Live Essentials (Version: 14.0.8089.0726) Windows Live Essentials (Version: 14.0.8089.726) Windows Live Mail (Version: 14.0.8089.0726) Windows Live Messenger (Version: 14.0.8089.0726) Windows Live Movie Maker (Version: 14.0.8091.0730) Windows Live Photo Gallery (Version: 14.0.8081.709) Windows Live Sign-in Assistant (Version: 5.000.818.5) Windows Live Sync (Version: 14.0.8089.726) Windows Live Upload Tool (Version: 14.0.8014.1029) Windows Live Writer (Version: 14.0.8089.0726) ==================== Restore Points ========================= 27-03-2013 14:21:29 Scheduled Checkpoint 04-04-2013 13:54:07 Scheduled Checkpoint 11-04-2013 08:01:37 Windows Update ==================== Faulty Device Manager Devices ============= Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: McAfee Inc. mfehidk Description: McAfee Inc. mfehidk Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: mfehidk Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (04/20/2013 01:03:36 AM) (Source: Application Error) (User: ) Description: Faulting application name: Explorer.EXE, version: 6.1.7600.16768, time stamp: 0x4d688122 Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137 Exception code: 0xc0000420 Fault offset: 0x00000000000c6ae2 Faulting process id: 0x2720 Faulting application start time: 0xExplorer.EXE0 Faulting application path: Explorer.EXE1 Faulting module path: Explorer.EXE2 Report Id: Explorer.EXE3 Error: (04/18/2013 11:05:15 PM) (Source: Application Error) (User: ) Description: Faulting application name: Explorer.EXE, version: 6.1.7600.16768, time stamp: 0x4d688122 Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137 Exception code: 0xc0000005 Fault offset: 0x000000000001aaca Faulting process id: 0x56c Faulting application start time: 0xExplorer.EXE0 Faulting application path: Explorer.EXE1 Faulting module path: Explorer.EXE2 Report Id: Explorer.EXE3 Error: (04/18/2013 10:35:58 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 288009 Error: (04/18/2013 10:35:58 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 288009 Error: (04/18/2013 10:35:58 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/18/2013 10:31:11 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1232 Error: (04/18/2013 10:31:11 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1232 Error: (04/18/2013 10:31:11 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/18/2013 10:21:17 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2928841 Error: (04/18/2013 10:21:17 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2928841 System errors: ============= Error: (04/21/2013 01:24:00 PM) (Source: DCOM) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (04/21/2013 01:23:29 PM) (Source: DCOM) (User: ) Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40} Error: (04/21/2013 01:19:26 PM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: AFD DfsC discache mfehidk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf Error: (04/21/2013 01:19:26 PM) (Source: Service Control Manager) (User: ) Description: The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: %%1068 Error: (04/21/2013 01:19:26 PM) (Source: Service Control Manager) (User: ) Description: The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: %%1068 Error: (04/21/2013 01:19:26 PM) (Source: Service Control Manager) (User: ) Description: The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: %%1068 Error: (04/21/2013 01:19:26 PM) (Source: Service Control Manager) (User: ) Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: %%1068 Error: (04/21/2013 01:19:26 PM) (Source: Service Control Manager) (User: ) Description: The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: %%1068 Error: (04/21/2013 01:19:26 PM) (Source: Service Control Manager) (User: ) Description: The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: %%1068 Error: (04/21/2013 01:19:26 PM) (Source: Service Control Manager) (User: ) Description: The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: %%1068 Microsoft Office Sessions: ========================= Error: (04/20/2013 01:03:36 AM) (Source: Application Error)(User: ) Description: Explorer.EXE6.1.7600.167684d688122ntdll.dll6.1.7600.169154ec4b137c000042000000000000c6ae2272001ce3d8cc3393becC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll097c5035-a980-11e2-804d-f04da252ce29 Error: (04/18/2013 11:05:15 PM) (Source: Application Error)(User: ) Description: Explorer.EXE6.1.7600.167684d688122ntdll.dll6.1.7600.169154ec4b137c0000005000000000001aaca56c01ce3c6f49fa4e54C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll566a10b8-a8a6-11e2-91fc-f04da252ce29 Error: (04/18/2013 10:35:58 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 288009 Error: (04/18/2013 10:35:58 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 288009 Error: (04/18/2013 10:35:58 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/18/2013 10:31:11 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1232 Error: (04/18/2013 10:31:11 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1232 Error: (04/18/2013 10:31:11 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/18/2013 10:21:17 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2928841 Error: (04/18/2013 10:21:17 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2928841 CodeIntegrity Errors: =================================== Date: 2013-03-06 21:48:21.598 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-03-06 21:48:21.590 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2013-03-06 21:48:21.586 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 16% Total physical RAM: 2936.95 MB Available physical RAM: 2443.85 MB Total Pagefile: 5871.99 MB Available Pagefile: 5384.21 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:283.33 GB) (Free:194.21 GB) NTFS (Disk=0 Partition=3) Drive e: (USB DISK) (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32 (Disk=1 Partition=1) Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 298 GB 13 MB Disk 1 Online 3824 MB 0 B Partitions of Disk 0: =============== Disk ID: FE098249 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 OEM 100 MB 1024 KB Partition 2 Primary 14 GB 101 MB Partition 3 Primary 283 GB 14 GB ================================================================================== Disk: 0 Partition 1 Type : DE Hidden: Yes Active: No There is no volume associated with this partition. ========================================================= Disk: 0 Partition 2 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 RECOVERY NTFS Partition 14 GB Healthy System (partition with boot components) ========================================================= Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C OS NTFS Partition 283 GB Healthy Boot ========================================================= Partitions of Disk 1: =============== Disk ID: C3072E18 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 3823 MB 31 KB ================================================================================== Disk: 1 Partition 1 Type : 0B Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 E USB DISK FAT32 Removable 3823 MB Healthy ========================================================= ============================== MBR & Partition Table ================== ==================================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: FE098249) Partition 1: (Not Active) - (Size=100 MB) - (Type=DE) Partition 2: (Active) - (Size=15 GB) - (Type=07) (NTFS) Partition 3: (Not Active) - (Size=283 GB) - (Type=07) (NTFS) ==================================================================== Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=4 GB) - (Type=0B)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.