dcw182

check out our vacation rentals on our VRBO's at www.vrbo.com/167560 for our two-bedroom villa or www.vrbo.com/84676 for our studio by the beach. I can be reached at deb@costadelsol-cr.net. Comment you helped me with my computer virus and we will give you a deal. Thanks so very much for putting up with me and my ignorance. You are awesome! deb

Everything is deleted and so I guess I shall run a normal day tomorrow and see what happens. I can't thank you enough! Come to Costa Rica, Dominical, we have wonderful vacation properties and will give you a good deal for taking such good care of me! Can I post how you can contact me or our website?

I'm not sure what you mean by this, what files do you want to delete?? I have a lot of files that are not program files but are related to running the programs. Notebook and folders of misc. Can I delete all this and only keep my Malwarebytes? You need an anti-virus (you have McAfee at the present time) and Malwarebytes Do I need two? And how good is McAfee? I am SO appreciative of all you have done for me and malwarebytes org I am happy to buy the Pro. Obviously you know your stuff. Do I need this? And if I do, then do I disable my McAfee?

I miss understood that part when I read it......that big word, "or" Everything went smoothly and now I need to know how to delete the other programs. Just right click and delete or is there a better way? I see these programs in my program file I am unsure of and have today's date on them as being installed, and I can uninstall. Should these been uninstalled? Advanced Audio FX Engine Realtek High Definition Audio Driver Revo Uninstaler 1.95 And another question for you: Should I delete all the other files I have accumulated over all this repair process and just go with the Pro Malwarebytes to keep me secure? I hope I am making sense here. Hard to convey what I mean in words sometimes. deb

I was able to uninstall the Java 6 file. Thank you for the info on WD, I will be installing Pro version of Malwarebytes. Things were going too smoothly..... I did use combofix and downloaded it to my desktop. It's in a zip file. Inside the zip file is the exe file that it will not allow me to rename it. I do not show combofix in my windows uninstall list. When I do the windows logo key + R I get the window that windows can't find it. Now what?

Yep, it appears we are finally getting there! When I downloaded the Security Check, McAfee Security immediately quarantined a file called: Artemis!32F2448BF194 (Trojan) This stopped the SecurityCheck from downloading completely. I turned McAfee off and redownloaded. Also it appears I have the McAfee Anti-Virus and Anti-Spyware AND the Windows Defender running. Is this not good to have two running at the same time? I'm not that thrilled, as I got a virus and I had McAfee. Recommendations? Results of screen317's Security Check version 0.99.77 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 31 Java 7 Update 45 Adobe Flash Player 11.9.900.152 Adobe Reader XI ````````Process Check: objlist.exe by Laurent```````` mcafee VIRUSS~1 mcvsmap.exe mcafee VIRUSS~1 mcvsshld.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log``````````````````````

# AdwCleaner v3.014 - Report created 10/12/2013 at 10:51:15 # Updated 01/12/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Debbie - DEBBIE-DELL # Running from : C:\Users\Debbie\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v [ File : C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [36566 octets] - [03/12/2013 11:29:08] AdwCleaner[R1].txt - [1002 octets] - [03/12/2013 15:11:03] AdwCleaner[R2].txt - [1403 octets] - [05/12/2013 22:57:13] AdwCleaner[R3].txt - [1241 octets] - [10/12/2013 10:45:26] AdwCleaner[s0].txt - [35657 octets] - [03/12/2013 11:50:46] AdwCleaner[s1].txt - [1063 octets] - [03/12/2013 15:12:27] AdwCleaner[s2].txt - [1435 octets] - [05/12/2013 23:04:10] AdwCleaner[s3].txt - [1163 octets] - [10/12/2013 10:51:15] ########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [1223 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.10.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Debbie :: DEBBIE-DELL [administrator] 12/10/13 11:09:57 AM MBAM-log-2013-12-10 (12-59-02).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 465340 Time elapsed: 1 hour(s), 37 minute(s), 1 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy (PUP.Optional.ScorpionSaver) -> No action taken. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe.vir (Adware.AdPeak) -> No action taken. C:\AdwCleaner\Quarantine\C\Windows\System32\ljkb\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> No action taken. (end) Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.10.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Debbie :: DEBBIE-DELL [administrator] 12/10/13 11:09:57 AM mbam-log-2013-12-10 (11-09-57).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 465340 Time elapsed: 1 hour(s), 37 minute(s), 1 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe.vir (Adware.AdPeak) -> Quarantined and deleted successfully. C:\AdwCleaner\Quarantine\C\Windows\System32\ljkb\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> Quarantined and deleted successfully. (end)

It worked! ComboFix 13-12-08.01 - Debbie 12/09/13 22:02:44.1.4 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.1981 [GMT -6:00]Running from: c:\users\Debbie\AppData\Local\Temp\Temp1_ComboFix.zip\ComboFix.exeAV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\program files (x86)\CRRedist2008_x86.exec:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpackc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\bootstrap.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\defaults\preferences\prefs.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\page-mod.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\private-browsing.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\request.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\windows.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\addon\runner.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\api-utils.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\base64.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\byte-streams.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\collection.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\content-proxy.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\content-worker.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\loader.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\symbiont.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\worker.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\cortex.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\cuddlefish.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\deprecate.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\dom\events.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\environment.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\errors.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event\core.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event\target.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events\assembler.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\file.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\functional.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\globals.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\heritage.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\hidden-frame.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\core.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\html.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\loader.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\locale.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\prefs.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\light-traits.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\list.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\loader.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\match-pattern.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\memory.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\namespace.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\observer-service.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\plain-text-console.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\preferences-service.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\private-browsing\utils.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\promise.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\querystring.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\runtime.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\sandbox.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\self.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system\events.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\events.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\observer.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\tab.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\utils.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\text-streams.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\timer.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traceback.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits\core.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\unload.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\url.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\data.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\object.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\registry.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\thumbnail.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\uuid.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window-utils.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window\utils.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\dom.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\loader.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\observer.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\tabs.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xhr.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xpcom.jsc:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xul-app.jsc:\windows\PFRO.log..((((((((((((((((((((((((( Files Created from 2013-11-10 to 2013-12-10 )))))))))))))))))))))))))))))))..2013-12-10 04:13 . 2013-12-10 04:13 -------- d-----w- c:\users\Default\AppData\Local\temp2013-12-10 04:09 . 2013-12-10 04:09 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3091C3C-2D9B-47B5-BDF5-CBF7D08BA74B}\offreg.dll2013-12-09 00:22 . 2013-11-18 07:28 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3091C3C-2D9B-47B5-BDF5-CBF7D08BA74B}\mpengine.dll2013-12-07 04:34 . 2013-12-10 01:56 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2013-12-07 04:34 . 2013-12-10 01:17 117464 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys2013-12-07 04:31 . 2013-12-10 01:16 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2013-12-06 18:05 . 2013-12-10 01:04 -------- d-----w- C:\FRST2013-12-03 20:26 . 2013-12-03 20:26 -------- d-----w- C:\_OTM2013-12-03 18:32 . 2013-04-04 20:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys2013-12-03 18:32 . 2013-12-03 18:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2013-12-03 17:28 . 2013-12-06 05:04 -------- d-----w- C:\AdwCleaner2013-12-03 17:07 . 2013-12-03 17:07 -------- d-----w- c:\program files (x86)\VS Revo Group2013-12-03 16:19 . 2013-09-23 19:49 197704 ----a-w- c:\windows\system32\drivers\HipShieldK.sys2013-12-03 16:17 . 2013-12-03 16:17 -------- d-----w- c:\program files\McAfee.com2013-12-03 16:17 . 2013-12-06 07:37 -------- d-----w- c:\program files (x86)\McAfee2013-12-03 15:36 . 2013-11-04 22:46 182752 ----a-w- c:\windows\system32\mfevtps.exe2013-11-29 14:16 . 2013-11-29 14:16 -------- d-----w- c:\windows\Migration2013-11-29 06:25 . 2013-11-29 06:25 -------- d-----w- c:\users\Debbie\AppData\Roaming\Malwarebytes2013-11-29 06:25 . 2013-11-29 06:25 -------- d-----w- c:\programdata\Malwarebytes2013-11-29 06:23 . 2013-11-29 06:23 -------- d-----w- c:\users\Debbie\AppData\Local\Programs2013-11-29 05:22 . 2013-11-29 05:22 -------- d-----w- c:\users\Debbie\AppData\Roaming\McAFee TechCheck2013-11-29 05:20 . 2000-05-22 07:00 244416 ----a-w- c:\windows\SysWow64\Msflxgrd.ocx2013-11-29 05:20 . 2000-05-22 07:00 203976 ----a-w- c:\windows\SysWow64\RICHTX32.OCX2013-11-29 05:20 . 2013-11-29 05:24 -------- d-----w- c:\users\Debbie\AppData\Roaming\TechCheck2013-11-28 15:50 . 2013-12-03 16:18 -------- d-----w- c:\program files\Common Files\McAfee2013-11-28 15:24 . 2013-11-28 15:31 -------- d-----w- c:\program files\stinger2013-11-28 03:51 . 2013-11-28 03:51 -------- d-----w- c:\program files\iPod2013-11-28 03:51 . 2013-11-28 03:53 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF692013-11-28 03:51 . 2013-11-28 03:52 -------- d-----w- c:\program files\iTunes2013-11-28 03:51 . 2013-11-28 03:52 -------- d-----w- c:\program files (x86)\iTunes2013-11-28 02:10 . 2013-10-16 16:18 439296 ----a-w- c:\windows\system32\AdpeakProxy64.dll2013-11-27 23:04 . 2013-10-15 00:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE2013-11-27 22:52 . 2013-11-27 22:52 -------- d-----w- c:\program files (x86)\Common Files\Java2013-11-27 22:52 . 2013-11-27 22:52 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2013-11-15 19:51 . 2013-11-15 19:58 -------- d-----w- C:\bbc32f117dc597ff11b76deb2013-11-15 02:49 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll2013-11-15 02:49 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll2013-11-15 02:49 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys2013-11-15 02:49 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll2013-11-15 02:49 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll2013-11-15 02:49 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll2013-11-15 02:49 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\SysWow64\authui.dll2013-11-15 02:49 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll2013-11-15 02:49 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-12-10 02:21 . 2013-10-29 03:27 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys2013-11-27 22:44 . 2012-04-10 05:46 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2013-11-27 22:44 . 2012-03-14 21:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-11-21 12:52 . 2013-10-22 05:15 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys2013-11-19 09:33 . 2010-09-03 06:14 267936 ------w- c:\windows\system32\MpSigStub.exe2013-11-18 18:07 . 2013-08-08 03:53 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys2013-11-07 22:00 . 2010-09-05 00:05 82896128 ----a-w- c:\windows\system32\MRT.exe2013-11-04 22:51 . 2013-09-25 02:29 70112 ----a-w- c:\windows\system32\drivers\cfwids.sys2013-11-04 22:46 . 2013-09-25 02:25 343696 ----a-w- c:\windows\system32\drivers\mfewfpk.sys2013-11-04 22:43 . 2013-09-25 02:22 782360 ----a-w- c:\windows\system32\drivers\mfehidk.sys2013-11-04 22:41 . 2013-09-25 02:21 519576 ----a-w- c:\windows\system32\drivers\mfefirek.sys2013-11-04 22:40 . 2013-09-25 02:20 311120 ----a-w- c:\windows\system32\drivers\mfeavfk.sys2013-11-04 22:39 . 2013-09-25 02:19 179792 ----a-w- c:\windows\system32\drivers\mfeapfk.sys2013-10-20 15:31 . 2013-10-20 15:31 17813896 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe2013-09-25 02:25 . 2013-10-09 05:42 182752 ----a-w- c:\windows\system32\mfevtps.exe.82a7.deleteme2013-09-20 15:38 . 2013-09-20 15:38 10856 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys2013-09-20 15:38 . 2013-09-20 15:38 95984 ----a-w- c:\windows\system32\drivers\mfencrk.sys2013-09-20 15:37 . 2013-09-20 15:37 390552 ----a-w- c:\windows\system32\drivers\mfencbdc.sys2013-09-17 15:29 . 2013-09-21 04:39 30752 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys2013-09-12 03:21 . 2013-09-12 03:21 863344 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll2013-09-12 03:21 . 2013-09-12 03:21 501872 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll2013-09-12 03:21 . 2013-09-12 03:21 28776 ----a-w- c:\windows\SysWow64\aspnet_counters.dll2013-09-12 03:21 . 2013-09-12 03:21 18000 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll2013-09-12 01:39 . 2013-09-12 01:39 855664 ----a-w- c:\windows\system32\msvcr110_clr0400.dll2013-09-12 01:39 . 2013-09-12 01:39 614000 ----a-w- c:\windows\system32\msvcp110_clr0400.dll2013-09-12 01:39 . 2013-09-12 01:39 30312 ----a-w- c:\windows\system32\aspnet_counters.dll2013-09-12 01:39 . 2013-09-12 01:39 18000 ----a-w- c:\windows\system32\msvcr100_clr0400.dll2012-01-06 19:41 . 2012-01-06 19:41 14848 ----a-w- c:\program files (x86)\EDDI7.vshost.exe2012-01-06 19:40 . 2012-01-06 19:40 10718208 ----a-w- c:\program files (x86)\EDDI7.exe2012-01-06 19:40 . 2012-01-06 19:40 71168 ----a-w- c:\program files (x86)\TRIBUTA_LN.DLL2012-01-06 19:40 . 2012-01-06 19:40 281600 ----a-w- c:\program files (x86)\TRIBUTA_EN.DLL2012-01-06 19:40 . 2012-01-06 19:40 17408 ----a-w- c:\program files (x86)\TRIBUTA_AD.DLL2011-08-25 15:58 . 2011-08-25 15:58 17920 ----a-w- c:\program files (x86)\Microsoft.VisualStudio.HostingProcess.Utilities.Sync.dll2011-02-19 03:54 . 2011-02-19 03:54 3518464 ----a-w- c:\program files (x86)\itextsharp.DLL..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 130736 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-14 559616].c:\users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk - c:\program files (x86)\Webshots\3.1.5.7619\Launcher.exe /t [2010-9-4 157088].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk /p \??\F:\0autocheck autochk *.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]@="".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [x]R2 vToolbarUpdater17.1.3;vToolbarUpdater17.1.3;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x]R3 acfva;acfva;c:\windows\system32\DRIVERS\ACFVA64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFVA64.sys [x]R3 dgcfltr;DGC Filter Driver;c:\windows\system32\DRIVERS\ACFDCP64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFDCP64.sys [x]R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]R4 AGCoreService;AG Core Services;c:\program files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe;c:\program files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe [x]R4 sbupdate;AOL Update Service (sbupdate);c:\program files (x86)\SentryBay\Update\SentryBayUpdate.exe;c:\program files (x86)\SentryBay\Update\SentryBayUpdate.exe [x]R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R4 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]R4 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]R4 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [x]R4 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]R4 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [x]S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys;c:\windows\SYSNATIVE\drivers\ElRawDsk.sys [x]S2 EntryProtect;DataMask by AOL;c:\program files (x86)\AOL\DataMask by AOL\epservice.exe;c:\program files (x86)\AOL\DataMask by AOL\epservice.exe [x]S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe;c:\program files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe [x]S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]S2 WDFMEService;WDFMEService;c:\program files\Western Digital\WD SmartWare\WDFME.exe;c:\program files\Western Digital\WD SmartWare\WDFME.exe [x]S2 WDRulesService;WDRulesService;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [x]S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]S3 epfilter;epfilter;c:\windows\system32\drivers\epfilter.sys;c:\windows\SYSNATIVE\drivers\epfilter.sys [x]S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]S3 SaiH8000;SaiH8000;c:\windows\system32\DRIVERS\SaiH8000.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH8000.sys [x]..--- Other Services/Drivers In Memory ---.*Deregistered* - epinject.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc.Contents of the 'Scheduled Tasks' folder.2013-12-10 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 22:44].2013-12-10 c:\windows\Tasks\DriverUpdate Startup.job- c:\program files (x86)\DriverUpdate\DriverUpdate.exe [2013-06-22 21:26].2013-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 06:52].2013-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 06:52].2013-09-29 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job- c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13].2013-12-10 c:\windows\Tasks\SentryBayUpdateTaskMachineCore.job- c:\program files (x86)\SentryBay\Update\SentryBayUpdate.exe [2012-05-27 04:57].2013-12-10 c:\windows\Tasks\SentryBayUpdateTaskMachineUA.job- c:\program files (x86)\SentryBay\Update\SentryBayUpdate.exe [2012-05-27 04:57].2014-09-26 c:\windows\Tasks\SystemToolsDailyTest.job- c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-05-25 00:36 164016 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 3091224].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuInternet Settings,ProxyOverride = *.localTCP: DhcpNameServer = 10.0.1.1.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)c:\users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk - c:\users\Debbie\AppData\Local\Temp\_uninst_05648578.batc:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrunHKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - startToolbar-Locked - (no file)WebBrowser-{8413196D-E290-4418-B5C6-A3B1379A909C} - (no file)WebBrowser-{F999A48B-1950-4D81-9971-79018F807B4B} - (no file)AddRemove-{2857dbef-0b50-361c-8690-7d505747009f} - c:\program files (x86)\AGI\core\4.2.0.10753\InstallerGUI.exe...[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-12-09 22:18:39ComboFix-quarantined-files.txt 2013-12-10 04:18.Pre-Run: 156,617,891,840 bytes freePost-Run: 156,508,192,768 bytes free.- - End Of File - - 9C919F3D0CB787CFE140D2F107E58C6F

I downloaded ComboFix.exe and right at the end of the download my McAfee program said it quarantined a Trojan. I have disabled my firewall on McAfee before running this. And when I went to open the ComboFix.exe file it says "Safari can't show the file because it has moved since you downloaded it." now what?

without screwing up this time? I will try!

By George I think we got it!! RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Debbie [Admin rights]Mode : Scan -- Date : 12/09/2013 20:49:36| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 10 ¤¤¤[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 1 ¤¤¤[Debbie][sUSP PATH] _uninst_05648578.lnk : C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk @C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat [-][x] -> FOUND ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 +++++--- User ---[MBR] 5ea7e81eaf591d3ec1f78e1d30874d01[bSP] b7b3eb14adfd50ca04b936abaf85fbb5 : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_12092013_204936.txt >>

Touché! I deserved that. And speaking of restoring and bringing back in the virus......does this mean my passport, external backup, is virused too? I disconnected it about two weeks ago, suspecting trouble and have not used it since. Do I dare plug it in and try to recapture files off of it? I followed your directions above and the reports are below. In my first scan of mbar.exe, it showed I had no malware and no cleanup was necessary. So I skipped the second scan. At the end of all this my internet is working fine, my updates are current and my McAfee firewall is on. ======================================= Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-12-2013 Ran by Debbie at 2013-12-09 19:04:26 Run:2 Running from C:\Users\Debbie\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path) ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update* => Value deleted successfully. ==== End of Fixlog ==== Malwarebytes Anti-Rootkit BETA 1.07.0.1008 www.malwarebytes.org Database version: v2013.12.09.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Debbie :: DEBBIE-DELL [administrator] 12/09/13 7:17:48 PM mbar-log-2013-12-09 (19-17-48).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 258187 Time elapsed: 33 minute(s), 52 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1008 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.16428 Java version: 1.6.0_31 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 2.261000 GHz Memory total: 4081606656, free: 1941450752 Downloaded database version: v2013.12.09.08 Downloaded database version: v2013.10.11.02 ======================================= Initializing... ------------ Kernel report ------------ 12/09/2013 19:17:42 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\system32\drivers\mfehidk.sys \SystemRoot\System32\Drivers\PxHlpa64.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\mfewfpk.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \??\C:\Windows\system32\drivers\avgtpx64.sys \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \??\C:\Windows\system32\drivers\ElRawDsk.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\drivers\usbehci.sys \SystemRoot\system32\drivers\USBPORT.SYS \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\bcmwl664.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\L1C62x64.sys \SystemRoot\system32\drivers\i8042prt.sys \??\C:\Windows\system32\drivers\epfilter.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\DRIVERS\Impcd.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\bcmvwl64.sys \SystemRoot\system32\DRIVERS\wanatw64.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\drivers\mfeavfk.sys \SystemRoot\system32\drivers\mfefirek.sys \SystemRoot\system32\DRIVERS\mfencbdc.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\CtClsFlt.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\LHidFilt.Sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\LMouFilt.Sys \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\SaiH8000.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\system32\DRIVERS\ACFSDK64.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\system32\drivers\mfeapfk.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\system32\DRIVERS\ACFXAU64.sys \??\C:\Program Files (x86)\AOL\DataMask by AOL\epinject64.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\system32\drivers\cfwids.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\drivers\btusbflt.sys \SystemRoot\System32\Drivers\BTHUSB.sys \SystemRoot\System32\Drivers\bthport.sys \SystemRoot\system32\DRIVERS\rfcomm.sys \SystemRoot\system32\drivers\BthEnum.sys \SystemRoot\system32\DRIVERS\bthpan.sys \SystemRoot\system32\DRIVERS\btwavdt.sys \SystemRoot\system32\drivers\btwaudio.sys \SystemRoot\system32\DRIVERS\btwl2cap.sys \SystemRoot\system32\DRIVERS\btwrchid.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8004c66060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa800493e050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8004c66060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8004ada9d0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8004c66060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800493e050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 7188B833 Partition information: Partition 0 type is Other (0xde) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 206848 Numsec = 30720000 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 30926848 Numsec = 594213552 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 320072933376 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)... Done! Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_206848_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam... Removal finished

This is crazy. How am I getting infected? I am not a surfer, nor do I open up attachments unless I confirm from the sender they are good. Or is this a past one still lurking? Thanks so much for your patience! I Already had the Farbar Recovery on my computer, so I ran another scan from that. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2013Ran by Debbie (administrator) on DEBBIE-DELL on 09-12-2013 13:03:36Running from C:\Users\Debbie\DownloadsWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\System32\wlanext.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe(Memeo) C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe(AOL) C:\Program Files (x86)\AOL\DataMask by AOL\epservice.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe(AOL) C:\Program Files (x86)\AOL\DataMask by AOL\ep.exe(AOL) C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDFME.exe(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe(Webshots.com) C:\Program Files (x86)\Webshots\3.1.5.7619\Webshots.scr(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchHKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-13] (Dell)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)HKLM\...\Policies\Explorer: [NoControlPanel] 0HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)HKCU\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)MountPoints2: E - E:\LaunchU3.exe -aMountPoints2: H - H:\LaunchU3.exe -aMountPoints2: {056b6265-78ff-11e0-be3b-c44619fd34a2} - E:\AutoRun.exeMountPoints2: {056b6270-78ff-11e0-be3b-c44619fd34a2} - E:\AutoRun.exeMountPoints2: {056b627d-78ff-11e0-be3b-c44619fd34a2} - E:\AutoRun.exeMountPoints2: {097a27df-6baf-11e0-b9c1-c44619fd34a2} - E:\AutoRun.exeMountPoints2: {097a2803-6baf-11e0-b9c1-c44619fd34a2} - E:\AutoRun.exeMountPoints2: {2e3ae15a-f82f-11e0-9a34-c44619fd34a2} - "E:\WD SmartWare.exe" autoplay=trueMountPoints2: {3a03f7dd-6df0-11e0-9c28-00038a000015} - E:\AutoRun.exeMountPoints2: {3a03f7e9-6df0-11e0-9c28-00038a000015} - E:\AutoRun.exeMountPoints2: {4c86b20b-ea9e-11df-aca7-00038a000015} - "E:\WD SmartWare.exe" autoplay=trueMountPoints2: {a6b050e8-3bac-11e1-9810-c44619fd34a2} - H:\LaunchU3.exe -aHKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)Startup: C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnkShortcutTarget: Webshots.lnk -> C:\Program Files (x86)\Webshots\3.1.5.7619\Launcher.exe (Webshots.com)Startup: C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnkShortcutTarget: _uninst_05648578.lnk -> C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat (No File)Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnkShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnkShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)BootExecute: autocheck autochk /p \??\F:autocheck autochk * ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://kolbi.msn.com/?rd=1&ucc=CR&dcc=CR&opt=0HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x760B2275FDECCE01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {907C29F0-1F7C-41DE-B59B-CF7830BD034C} URL = BHO: DataMask by AOL - {3955aa73-8c60-4a9b-acdb-0c2edb1b6748} - C:\Program Files (x86)\AOL\DataMask by AOL\epbho64.dll (AOL)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No FileBHO: DataMask by AOL - {ff507020-a257-4527-a222-b6f5732e55ee} - C:\Program Files (x86)\AOL\DataMask by AOL\plbho64.dll (AOL)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileToolbar: HKCU - No Name - {8413196D-E290-4418-B5C6-A3B1379A909C} - No FileToolbar: HKCU - No Name - {F999A48B-1950-4D81-9971-79018F807B4B} - No FileDPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cabDPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cabHandler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No FileHandler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No FileHandler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No FileHandler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) FireFox:========FF ProfilePath: C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.defaultFF Keyword.URL: user_pref("keyword.URL", "");FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @update.sentrybay.com/SentryBay Update;version=8 - C:\Program Files (x86)\SentryBay\Update\1.0.0.7621\npSentryBayOneClick8.dll (AOL)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Extension: No Name - C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\Extensions\ScorpionSaver@jetpackFF HKLM\...\Firefox\Extensions: [sss@sentrybay.com] - C:\Program Files (x86)\AOL\DataMask by AOL\ffextFF Extension: DataMask by AOL - C:\Program Files (x86)\AOL\DataMask by AOL\ffextFF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF HKLM-x32\...\Firefox\Extensions: [sss@sentrybay.com] - C:\Program Files (x86)\AOL\DataMask by AOL\ffextFF Extension: DataMask by AOL - C:\Program Files (x86)\AOL\DataMask by AOL\ffextFF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExtFF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExtFF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: =======CHR HKLM-x32\...\Chrome\Extension: [bjaehcnihbogidpfieaepehilfecnodk] - C:\Program Files (x86)\AOL\DataMask by AOL\phishlock.crxCHR HKLM-x32\...\Chrome\Extension: [kochbcmingebnmbcpbbpfpmipakoipge] - C:\Program Files (x86)\AOL\DataMask by AOL\phishlock.crx ==================== Services (Whitelisted) ================= R2 EntryProtect; C:\Program Files (x86)\AOL\DataMask by AOL\epservice.exe [45896 2013-04-30] (AOL)R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-09-24] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 MemeoBackgroundService; C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe [25824 2009-11-12] (Memeo)R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)S4 sbupdate; C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [129904 2012-05-26] (AOL)S4 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [118272 2008-07-24] (WDC)R2 WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [1978256 2011-08-01] (Western Digital )R2 WDRulesService; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [1338256 2011-08-01] (Western Digital )S4 XAudioService; C:\Windows\system32\DRIVERS\ACFXAU64.exe [410624 2007-05-09] (Conexant Systems, Inc.)S4 AGCoreService; "C:\Program Files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe" [x]S2 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [x]S2 vToolbarUpdater17.1.3; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x] ==================== Drivers (Whitelisted) ==================== S3 acfva; C:\Windows\System32\DRIVERS\ACFVA64.sys [121856 2007-04-26] (Conexant Systems Inc.)R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-21] (AVG Technologies)R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)S3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP64.sys [35200 2007-05-09] (Conexant Systems, Inc.)R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-09-17] (EldoS Corporation)R3 epfilter; C:\Windows\system32\drivers\epfilter.sys [21312 2013-08-12] (SentryBay)S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)R3 SaiH8000; C:\Windows\System32\DRIVERS\SaiH8000.sys [178560 2008-04-04] (Saitek)S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-12-09] ()R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2007-05-09] (Conexant Systems, Inc.)U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-08 23:45 - 2013-12-08 23:46 - 00000000 ____D C:\Users\Debbie\Desktop\HOA Acctg2013-12-08 21:21 - 2013-12-08 23:40 - 00000000 ____D C:\Users\Debbie\Desktop\RK reports2013-12-08 18:30 - 2013-12-08 18:30 - 04166144 _____ C:\Users\Debbie\Downloads\RogueKillerX64.exe2013-12-06 22:34 - 2013-12-08 08:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-12-06 22:34 - 2013-12-06 23:27 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2013-12-06 22:31 - 2013-12-06 23:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2013-12-06 22:30 - 2013-12-08 08:21 - 00000000 ____D C:\Users\Debbie\Desktop\mbar2013-12-06 22:29 - 2013-12-08 08:21 - 00000000 ____D C:\Users\Debbie\Desktop\Malwarbytes Anti-Rootkit2013-12-06 22:28 - 2013-12-06 22:29 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Debbie\Downloads\mbar-1.07.0.1007.exe2013-12-06 12:06 - 2013-12-06 12:17 - 00033569 _____ C:\Users\Debbie\Downloads\Addition.txt2013-12-06 12:05 - 2013-12-09 13:03 - 00018152 _____ C:\Users\Debbie\Downloads\FRST.txt2013-12-06 12:05 - 2013-12-08 08:21 - 00000000 ____D C:\FRST2013-12-06 12:04 - 2013-12-06 12:04 - 01925820 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64.exe2013-12-06 01:37 - 2013-12-09 07:33 - 00000448 _____ C:\Windows\setupact.log2013-12-06 01:37 - 2013-12-06 01:37 - 00000000 _____ C:\Windows\setuperr.log2013-12-05 23:02 - 2013-12-08 08:21 - 00000000 ____D C:\Users\Debbie\Desktop\Scorpion Forum clean up reports2013-12-05 08:15 - 2013-12-05 08:15 - 00688992 ____R (Swearware) C:\Users\Debbie\Downloads\dds.scr2013-12-03 22:59 - 2013-12-03 22:59 - 00002722 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task2013-12-03 22:55 - 2013-12-03 22:55 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Debbie\Downloads\Repair-tool.exe2013-12-03 21:35 - 2013-12-03 21:37 - 22791896 _____ (Microsoft Corporation) C:\Users\Debbie\Downloads\Windows-KB890830-x64-V5.6.exe2013-12-03 17:59 - 2013-12-03 18:49 - 00000000 ____D C:\Users\Debbie\Downloads\myuninst2013-12-03 17:58 - 2013-12-03 17:58 - 00046124 _____ C:\Users\Debbie\Downloads\myuninst.zip2013-12-03 16:14 - 2013-12-03 16:19 - 00015066 _____ C:\Users\Debbie\Downloads\SystemLook.txt2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\_OTM2013-12-03 14:11 - 2013-12-03 14:11 - 00522240 _____ (OldTimer Tools) C:\Users\Debbie\Downloads\OTM.exe2013-12-03 12:42 - 2013-12-03 12:42 - 00165376 _____ C:\Users\Debbie\Downloads\SystemLook_x64.exe2013-12-03 12:32 - 2013-12-03 12:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-12-03 12:32 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2013-12-03 12:29 - 2013-12-03 12:30 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1-1.75.0.1300.exe2013-12-03 11:28 - 2013-12-05 23:04 - 00000000 ____D C:\AdwCleaner2013-12-03 11:27 - 2013-12-03 11:27 - 01110034 _____ C:\Users\Debbie\Downloads\AdwCleaner.exe2013-12-03 11:07 - 2013-12-03 11:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group2013-12-03 10:19 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys2013-12-03 10:18 - 2013-12-03 10:18 - 00000000 ____D C:\Program Files (x86)\McAfee.com2013-12-03 10:17 - 2013-12-06 01:37 - 00000000 ____D C:\Program Files (x86)\McAfee2013-12-03 10:17 - 2013-12-03 10:17 - 00000000 ____D C:\Program Files\McAfee.com2013-12-03 09:36 - 2013-11-04 16:46 - 00182752 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe2013-12-03 09:26 - 2013-12-03 09:36 - 05131824 _____ (McAfee, Inc.) C:\Users\Debbie\Downloads\McAfeeSetup-Serial.exe2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Malwarebytes2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\ProgramData\Malwarebytes2013-11-29 00:22 - 2013-11-29 00:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1.75.0.1300.exe2013-11-28 23:22 - 2013-11-28 23:22 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\McAFee TechCheck2013-11-28 23:20 - 2013-11-28 23:24 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\TechCheck2013-11-28 23:20 - 2000-05-22 01:00 - 00244416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msflxgrd.ocx2013-11-28 23:20 - 2000-05-22 01:00 - 00203976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX2013-11-28 09:50 - 2013-12-03 10:18 - 00000000 ____D C:\Program Files\Common Files\McAfee2013-11-28 09:24 - 2013-11-28 09:31 - 00000000 ____D C:\Program Files\stinger2013-11-28 06:27 - 2013-11-28 06:27 - 00002004 _____ C:\Users\Debbie\Desktop\Workout List 8-7-13 - Shortcut.lnk2013-11-27 21:51 - 2013-11-27 21:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-11-27 21:51 - 2013-11-27 21:52 - 00000000 ____D C:\Program Files\iTunes2013-11-27 21:51 - 2013-11-27 21:52 - 00000000 ____D C:\Program Files (x86)\iTunes2013-11-27 21:51 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files\iPod2013-11-27 20:10 - 2013-10-16 10:18 - 00439296 _____ (Adpeak, Inc.) C:\Windows\system32\AdpeakProxy64.dll2013-11-27 17:04 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE2013-11-27 17:01 - 2013-11-27 17:01 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-11-27 17:01 - 2013-11-27 17:01 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-11-27 17:01 - 2013-11-27 17:01 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-11-27 17:01 - 2013-11-27 17:01 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-11-27 17:01 - 2013-11-27 17:01 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-11-27 17:01 - 2013-11-27 17:01 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-11-27 17:01 - 2013-11-27 17:01 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-11-27 17:01 - 2013-11-27 17:01 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-11-27 17:01 - 2013-11-27 17:01 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-11-27 17:01 - 2013-11-27 17:01 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-11-27 17:01 - 2013-11-27 17:01 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat2013-11-27 17:01 - 2013-11-27 17:01 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2013-11-27 17:01 - 2013-11-27 17:01 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2013-11-27 17:01 - 2013-11-27 17:01 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2013-11-27 17:01 - 2013-11-27 17:01 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2013-11-27 16:58 - 2013-11-27 17:04 - 00007514 _____ C:\Windows\IE11_main.log2013-11-27 16:52 - 2013-11-27 16:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-11-27 16:52 - 2013-11-27 16:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-11-25 22:20 - 2013-11-25 22:20 - 00006148 ____H C:\Users\Public\.DS_Store2013-11-19 16:35 - 2013-11-27 08:02 - 00002429 _____ C:\Users\Debbie\Desktop\Scott's Weight - Shortcut.lnk2013-11-15 13:51 - 2013-11-15 13:58 - 00000000 ____D C:\bbc32f117dc597ff11b76deb2013-11-14 20:49 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2013-11-14 20:49 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2013-11-14 20:49 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll2013-11-14 20:49 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll2013-11-14 20:49 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll2013-11-14 20:49 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll2013-11-14 20:49 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll2013-11-14 20:49 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll2013-11-14 20:49 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2013-11-14 20:48 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll2013-11-14 20:48 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL2013-11-14 20:48 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL2013-11-14 20:48 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll2013-11-14 20:48 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL2013-11-14 20:48 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll2013-11-14 20:48 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll2013-11-14 20:48 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2013-11-14 20:48 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2013-11-14 20:48 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2013-11-14 20:48 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2013-11-14 20:48 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2013-11-14 20:48 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2013-11-14 20:48 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2013-11-14 20:48 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2013-11-14 20:48 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2013-11-14 20:48 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2013-11-14 20:48 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2013-11-14 20:48 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2013-11-14 20:48 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2013-11-14 20:48 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys ==================== One Month Modified Files and Folders ======= 2014-09-26 09:28 - 2011-03-26 10:05 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher2014-09-26 09:12 - 2011-03-26 10:05 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job2014-09-26 09:07 - 2011-03-26 10:05 - 00003456 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest2014-09-26 08:57 - 2011-03-26 10:05 - 00004276 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask2013-12-09 13:04 - 2013-12-06 12:05 - 00018152 _____ C:\Users\Debbie\Downloads\FRST.txt2013-12-09 13:02 - 2012-05-26 22:57 - 00000892 _____ C:\Windows\Tasks\SentryBayUpdateTaskMachineUA.job2013-12-09 12:39 - 2011-10-02 00:53 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-12-09 12:31 - 2012-04-09 23:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-12-09 08:38 - 2011-10-02 00:53 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-12-09 08:32 - 2009-07-13 23:10 - 01076493 _____ C:\Windows\WindowsUpdate.log2013-12-09 07:45 - 2009-07-13 22:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-12-09 07:45 - 2009-07-13 22:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-12-09 07:36 - 2013-10-28 21:27 - 00002848 _____ C:\Windows\System32\Tasks\DriverUpdate Startup2013-12-09 07:36 - 2013-10-28 21:27 - 00000420 _____ C:\Windows\Tasks\DriverUpdate Startup.job2013-12-09 07:34 - 2013-10-28 21:27 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys2013-12-09 07:34 - 2012-05-26 22:57 - 00000888 _____ C:\Windows\Tasks\SentryBayUpdateTaskMachineCore.job2013-12-09 07:34 - 2010-09-02 22:31 - 00000000 ____D C:\Users\Debbie\AppData\Local\SoftThinks2013-12-09 07:34 - 2010-07-12 18:50 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks2013-12-09 07:34 - 2010-07-12 18:50 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks2013-12-09 07:34 - 2010-07-12 18:34 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup2013-12-09 07:33 - 2013-12-06 01:37 - 00000448 _____ C:\Windows\setupact.log2013-12-09 07:33 - 2011-04-23 15:18 - 00065536 _____ C:\Windows\system32\Ikeext.etl2013-12-09 07:33 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-12-09 07:32 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\tracing2013-12-09 00:02 - 2011-10-03 02:09 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Dropbox2013-12-08 23:59 - 2011-10-03 02:13 - 00000000 ___RD C:\Users\Debbie\Dropbox2013-12-08 23:46 - 2013-12-08 23:45 - 00000000 ____D C:\Users\Debbie\Desktop\HOA Acctg2013-12-08 23:40 - 2013-12-08 21:21 - 00000000 ____D C:\Users\Debbie\Desktop\RK reports2013-12-08 21:38 - 2009-07-13 23:13 - 00852936 _____ C:\Windows\system32\PerfStringBackup.INI2013-12-08 18:30 - 2013-12-08 18:30 - 04166144 _____ C:\Users\Debbie\Downloads\RogueKillerX64.exe2013-12-08 10:13 - 2012-04-19 12:37 - 00000000 ____D C:\Users\Debbie\AppData\Local\BCE66ED4-FCC7-4397-B8C3-53BA4963CEE9.aplzod2013-12-08 08:33 - 2011-10-02 00:53 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2013-12-08 08:33 - 2011-10-02 00:53 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2013-12-08 08:27 - 2010-09-02 22:31 - 00000000 ____D C:\Users\Debbie2013-12-08 08:21 - 2013-12-06 22:34 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-12-08 08:21 - 2013-12-06 22:30 - 00000000 ____D C:\Users\Debbie\Desktop\mbar2013-12-08 08:21 - 2013-12-06 22:29 - 00000000 ____D C:\Users\Debbie\Desktop\Malwarbytes Anti-Rootkit2013-12-08 08:21 - 2013-12-06 12:05 - 00000000 ____D C:\FRST2013-12-08 08:21 - 2013-12-05 23:02 - 00000000 ____D C:\Users\Debbie\Desktop\Scorpion Forum clean up reports2013-12-08 08:21 - 2013-09-18 01:20 - 00000000 ____D C:\Users\Debbie\Desktop\CDSP Troy Mac servers2013-12-08 08:21 - 2013-02-12 13:58 - 00000000 ____D C:\Users\Debbie\Desktop\Labels2013-12-08 08:21 - 2010-09-04 04:25 - 00000000 ___SD C:\Users\Debbie\Documents\My ScanSnap2013-12-08 08:21 - 2009-07-14 01:44 - 00000000 ___RD C:\Users\Public\Recorded TV2013-12-08 08:21 - 2009-07-13 23:32 - 00000000 ____D C:\Program Files\Windows Defender2013-12-08 08:21 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF2013-12-08 08:21 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration2013-12-08 08:21 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\AppCompat2013-12-07 03:33 - 2013-10-17 12:26 - 00000000 ____D C:\Users\Debbie\Desktop\Photos to file into folders2013-12-06 23:27 - 2013-12-06 22:34 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2013-12-06 23:26 - 2013-12-06 22:31 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2013-12-06 23:18 - 2010-07-12 20:00 - 00362322 _____ C:\Windows\PFRO.log2013-12-06 23:18 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\Speech2013-12-06 22:29 - 2013-12-06 22:28 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Debbie\Downloads\mbar-1.07.0.1007.exe2013-12-06 12:17 - 2013-12-06 12:06 - 00033569 _____ C:\Users\Debbie\Downloads\Addition.txt2013-12-06 12:04 - 2013-12-06 12:04 - 01925820 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64.exe2013-12-06 01:37 - 2013-12-06 01:37 - 00000000 _____ C:\Windows\setuperr.log2013-12-06 01:37 - 2013-12-03 10:17 - 00000000 ____D C:\Program Files (x86)\McAfee2013-12-05 23:04 - 2013-12-03 11:28 - 00000000 ____D C:\AdwCleaner2013-12-05 08:15 - 2013-12-05 08:15 - 00688992 ____R (Swearware) C:\Users\Debbie\Downloads\dds.scr2013-12-03 22:59 - 2013-12-03 22:59 - 00002722 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task2013-12-03 22:55 - 2013-12-03 22:55 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Debbie\Downloads\Repair-tool.exe2013-12-03 21:37 - 2013-12-03 21:35 - 22791896 _____ (Microsoft Corporation) C:\Users\Debbie\Downloads\Windows-KB890830-x64-V5.6.exe2013-12-03 18:49 - 2013-12-03 17:59 - 00000000 ____D C:\Users\Debbie\Downloads\myuninst2013-12-03 17:58 - 2013-12-03 17:58 - 00046124 _____ C:\Users\Debbie\Downloads\myuninst.zip2013-12-03 16:19 - 2013-12-03 16:14 - 00015066 _____ C:\Users\Debbie\Downloads\SystemLook.txt2013-12-03 15:34 - 2012-08-21 13:52 - 00000000 ____D C:\ProgramData\McAfee2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\_OTM2013-12-03 14:11 - 2013-12-03 14:11 - 00522240 _____ (OldTimer Tools) C:\Users\Debbie\Downloads\OTM.exe2013-12-03 12:50 - 2011-02-12 00:07 - 00000000 ____D C:\Program Files (x86)\Safari2013-12-03 12:42 - 2013-12-03 12:42 - 00165376 _____ C:\Users\Debbie\Downloads\SystemLook_x64.exe2013-12-03 12:33 - 2013-12-03 12:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-12-03 12:30 - 2013-12-03 12:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1-1.75.0.1300.exe2013-12-03 11:27 - 2013-12-03 11:27 - 01110034 _____ C:\Users\Debbie\Downloads\AdwCleaner.exe2013-12-03 11:07 - 2013-12-03 11:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group2013-12-03 10:19 - 2013-10-08 23:57 - 00000000 ____D C:\Program Files\McAfee2013-12-03 10:18 - 2013-12-03 10:18 - 00000000 ____D C:\Program Files (x86)\McAfee.com2013-12-03 10:18 - 2013-11-28 09:50 - 00000000 ____D C:\Program Files\Common Files\McAfee2013-12-03 10:17 - 2013-12-03 10:17 - 00000000 ____D C:\Program Files\McAfee.com2013-12-03 09:36 - 2013-12-03 09:26 - 05131824 _____ (McAfee, Inc.) C:\Users\Debbie\Downloads\McAfeeSetup-Serial.exe2013-11-29 16:54 - 2013-09-29 21:28 - 00000000 ____D C:\Users\Debbie\Desktop\Rental Statements2013-11-29 13:17 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache2013-11-29 10:30 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions2013-11-29 08:19 - 2010-09-04 16:48 - 00842006 _____ C:\Windows\SysWOW64\PerfStringBackup.INI2013-11-29 00:32 - 2013-10-22 00:17 - 00000095 _____ C:\Users\Debbie\AppData\Roaming\WB.CFG2013-11-29 00:32 - 2009-08-20 00:17 - 00000006 _____ C:\Users\Debbie\AppData\Roaming\WBPU-TTL.DAT2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Malwarebytes2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\ProgramData\Malwarebytes2013-11-29 00:23 - 2013-11-29 00:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1.75.0.1300.exe2013-11-28 23:24 - 2013-11-28 23:20 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\TechCheck2013-11-28 23:22 - 2013-11-28 23:22 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\McAFee TechCheck2013-11-28 09:31 - 2013-11-28 09:24 - 00000000 ____D C:\Program Files\stinger2013-11-28 06:27 - 2013-11-28 06:27 - 00002004 _____ C:\Users\Debbie\Desktop\Workout List 8-7-13 - Shortcut.lnk2013-11-27 21:53 - 2013-11-27 21:51 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-11-27 21:52 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files\iTunes2013-11-27 21:52 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files (x86)\iTunes2013-11-27 21:51 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files\iPod2013-11-27 21:35 - 2010-09-02 22:31 - 00000000 ___RD C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-11-27 19:03 - 2010-09-02 22:37 - 00001415 _____ C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-11-27 17:04 - 2013-11-27 16:58 - 00007514 _____ C:\Windows\IE11_main.log2013-11-27 17:01 - 2013-11-27 17:01 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-11-27 17:01 - 2013-11-27 17:01 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-11-27 17:01 - 2013-11-27 17:01 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-11-27 17:01 - 2013-11-27 17:01 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-11-27 17:01 - 2013-11-27 17:01 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-11-27 17:01 - 2013-11-27 17:01 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-11-27 17:01 - 2013-11-27 17:01 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-11-27 17:01 - 2013-11-27 17:01 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-11-27 17:01 - 2013-11-27 17:01 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-11-27 17:01 - 2013-11-27 17:01 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-11-27 17:01 - 2013-11-27 17:01 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-11-27 17:01 - 2013-11-27 17:01 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat2013-11-27 17:01 - 2013-11-27 17:01 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2013-11-27 17:01 - 2013-11-27 17:01 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2013-11-27 17:01 - 2013-11-27 17:01 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2013-11-27 17:01 - 2013-11-27 17:01 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-11-27 17:01 - 2013-11-27 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-11-27 17:01 - 2013-11-27 17:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2013-11-27 16:52 - 2013-11-27 16:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-11-27 16:52 - 2013-11-27 16:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-11-27 16:52 - 2012-03-14 12:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-11-27 16:52 - 2012-03-14 12:02 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-11-27 16:52 - 2010-07-12 18:08 - 00000000 ____D C:\Program Files (x86)\Java2013-11-27 16:49 - 2010-09-03 00:50 - 00000000 ____D C:\ProgramData\Skype2013-11-27 16:44 - 2012-04-09 23:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-11-27 16:44 - 2012-04-09 23:46 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2013-11-27 16:44 - 2012-03-14 15:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2013-11-27 08:02 - 2013-11-19 16:35 - 00002429 _____ C:\Users\Debbie\Desktop\Scott's Weight - Shortcut.lnk2013-11-25 22:20 - 2013-11-25 22:20 - 00006148 ____H C:\Users\Public\.DS_Store2013-11-21 06:52 - 2013-10-21 23:15 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys2013-11-19 13:50 - 2009-07-13 22:54 - 00000749 ___RH C:\Windows\WindowsShell.Manifest2013-11-19 13:50 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Public\Libraries2013-11-19 03:33 - 2010-09-03 00:14 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2013-11-18 13:41 - 2009-07-13 20:34 - 00000608 _____ C:\Windows\win.ini2013-11-18 12:08 - 2013-08-07 21:53 - 00007545 _____ C:\Windows\LkmdfCoInst.log2013-11-18 12:07 - 2013-08-07 21:53 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys2013-11-15 14:32 - 2010-09-03 11:16 - 00000000 ____D C:\Users\Debbie\AppData\Local\Adobe2013-11-15 14:00 - 2010-09-04 09:01 - 00000000 ____D C:\ProgramData\Microsoft Help2013-11-15 13:58 - 2013-11-15 13:51 - 00000000 ____D C:\bbc32f117dc597ff11b76deb2013-11-15 13:58 - 2013-07-31 05:01 - 00000000 ____D C:\Windows\system32\MRT Some content of TEMP:====================C:\Users\Debbie\AppData\Local\Temp\dhddur7u.dllC:\Users\Debbie\AppData\Local\Temp\ntdll_dump.dllC:\Users\Debbie\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-30 07:56 ==================== End Of Log ============================

MrC, I hope you won't shoot me! I screwed up and had to restore my computer back until yesterday, so I had to rerun the RogueKiller. Here is the new report. i deleted the files as you had previously told me. And my computer is running extremely slow! RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Debbie [Admin rights]Mode : Scan -- Date : 12/08/2013 22:39:21| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 12 ¤¤¤[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\?��?��?��\?��?��?��\???ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\GoogleUpdate.exe" >) -> FOUND[RUN][ZeroAccess] HKUS\S-1-5-21-859821945-3822535395-818512663-1000\[...]\Run : Google Update ("C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\?��?��?��\?��?��?��\???ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\GoogleUpdate.exe" >) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 1 ¤¤¤[Debbie][sUSP PATH] _uninst_05648578.lnk : C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk @C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat [-][x] -> FOUND ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 +++++--- User ---[MBR] 5ea7e81eaf591d3ec1f78e1d30874d01[bSP] b7b3eb14adfd50ca04b936abaf85fbb5 : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_12082013_223919.txt >>RKreport[0]_D_12082013_213107.txt;RKreport[0]_S_12082013_213039.txt

I'm unable to work on my computer this morning. I will be on later this afternoon.

I found it! (I was being overly cautious) and deleted the one file. I rebooted, rescanned and here is the report. --- appears the file is gone. Again, thanks for being there. Do you want me to continue with your earlier directions starting with the ComboFix? RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Debbie [Admin rights]Mode : Scan -- Date : 12/07/2013 22:09:16| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 10 ¤¤¤[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 1 ¤¤¤[Debbie][sUSP PATH] _uninst_05648578.lnk : C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk @C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat [-][x] -> FOUND ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 +++++--- User ---[MBR] 5ea7e81eaf591d3ec1f78e1d30874d01[bSP] b7b3eb14adfd50ca04b936abaf85fbb5 : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_12072013_220916.txt >>

RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Debbie [Admin rights] Mode : Scan -- Date : 12/07/2013 21:24:53 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 11 ¤¤¤ [sERVICE][ZeroAccess] HKLM\[...]\CS002\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\???ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\GoogleUpdate.exe" < [x]) -> FOUND [HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 1 ¤¤¤ [Debbie][sUSP PATH] _uninst_05648578.lnk : C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk @C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat [-][x] -> FOUND ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 +++++ --- User --- [MBR] 5ea7e81eaf591d3ec1f78e1d30874d01 [bSP] b7b3eb14adfd50ca04b936abaf85fbb5 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_12072013_212453.txt >>

Mr C, Thank you for your quick response and for working so late. I am not sure what exactly I am to do here. I ran the RogueKiller again, did the scan, and under the registry tab I had 12 files that were all checked. I'm not sure what you want checked and unchecked, nor did I understand the quote you have here. I have no files of the 12 found that start with [service][ZeroAccess] HKLM\..... deb

I got it!!! Thanks for your baby instructions for me. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-12-2013 Ran by Debbie at 2013-12-07 19:28:11 Run:1Running from C:\Users\Debbie\DesktopBoot Mode: Normal============================================== Content of fixlist:*****************HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy => ""="service"U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\???\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)C:\Windows\system32\AdpeakProxy64.dllToolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileToolbar: HKCU - No Name - {8413196D-E290-4418-B5C6-A3B1379A909C} - No FileToolbar: HKCU - No Name - {F999A48B-1950-4D81-9971-79018F807B4B} - No FileHandler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No FileHandler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No FileFF Extension: ScorpionSaver - C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\Extensions\ScorpionSaver@jetpackC:\Users\Debbie\AppData\Local\Google\Desktop\InstallC:\Program Files (x86)\Google\Desktop\InstallC:\Users\Debbie\AppData\Local\Temp\dhddur7u.dllC:\Users\Debbie\AppData\Local\Temp\Quarantine.exeDeleteJunctionsIndirectory: C:\Program Files\Windows Defender ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update* => Value deleted successfully.HKLM\System\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy => Key deleted successfully.*etadpug => Service deleted successfully.C:\Windows\system32\AdpeakProxy64.dll => Moved successfully.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8413196D-E290-4418-B5C6-A3B1379A909C} => Value deleted successfully.HKCR\CLSID\{8413196D-E290-4418-B5C6-A3B1379A909C} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F999A48B-1950-4D81-9971-79018F807B4B} => Value deleted successfully.HKCR\CLSID\{F999A48B-1950-4D81-9971-79018F807B4B} => Key not found.HKCR\PROTOCOLS\Handler\cozi => Key deleted successfully.HKCR\CLSID\{5356518D-FE9C-4E08-9C1F-1E872ECD367F} => Key not found.HKCR\Wow6432Node\PROTOCOLS\Handler\gopher => Key deleted successfully.HKCR\Wow6432Node\CLSID\{79eac9e4-baf9-11ce-8c82-00aa004ba90b} => Key not found.C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\Extensions\ScorpionSaver@jetpack => Moved successfully.C:\Users\Debbie\AppData\Local\Google\Desktop\Install => Moved successfully.C:\Program Files (x86)\Google\Desktop\Install => Moved successfully.C:\Users\Debbie\AppData\Local\Temp\dhddur7u.dll => Moved successfully.C:\Users\Debbie\AppData\Local\Temp\Quarantine.exe => Moved successfully."C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started."C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed. ==== End of Fixlog ==== RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Debbie [Admin rights]Mode : Scan -- Date : 12/07/2013 19:44:11| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 11 ¤¤¤[sERVICE][ZeroAccess] HKLM\[...]\CS002\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\???ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\GoogleUpdate.exe" < [x]) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 1 ¤¤¤[Debbie][sUSP PATH] _uninst_05648578.lnk : C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk @C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat [-][x] -> FOUND ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 +++++--- User ---[MBR] 5ea7e81eaf591d3ec1f78e1d30874d01[bSP] b7b3eb14adfd50ca04b936abaf85fbb5 : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_12072013_194411.txt >>

Mr C, I am SO sorry, I have goofed up. So now I need to be very sure I understand what you are asking, as I did the fixlist wrong. I sent you all of the report, so I goofed up. You asked me to: Download the attached fixlist.txt to the same folder as FRST. Run FRST.exe and click Fix only once and wait The tool will create a log (Fixlog.txt) in the folder, please post it to your reply. I am sorry to be so dense, but how do I download this file to the same folder as FRST? I have a notepad FRST but no folder. And I could not find the FRST.exe file in my downloads. Is it too late to redo this step? I will do nothing more until I hear back from you. I hope I didn't mess everything up. Debbie

Oh my gosh! But it all works, you are amazing. Thank you so much. I did the important changes to my security, of passwords, etc. And then I proceeded to clean the computer. Here are my reports. At the end of this cleanup, my windows firewall is being managed by vendor application McAfee Personal Firewall, my internet is working fine, window updates were current and my windows Defender is back and wanting to do a scan. Fixlog.txt log: HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy => ""="service" U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\???\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess) C:\Windows\system32\AdpeakProxy64.dll Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {8413196D-E290-4418-B5C6-A3B1379A909C} - No File Toolbar: HKCU - No Name - {F999A48B-1950-4D81-9971-79018F807B4B} - No File Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File FF Extension: ScorpionSaver - C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\Extensions\ScorpionSaver@jetpack C:\Users\Debbie\AppData\Local\Google\Desktop\Install C:\Program Files (x86)\Google\Desktop\Install C:\Users\Debbie\AppData\Local\Temp\dhddur7u.dll C:\Users\Debbie\AppData\Local\Temp\Quarantine.exe DeleteJunctionsIndirectory: C:\Program Files\Windows Defender =========================================================== Mbar-log (I had two files) FIRST ONE: Malwarebytes Anti-Rootkit BETA 1.07.0.1007 www.malwarebytes.org Database version: v2013.12.07.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Debbie :: DEBBIE-DELL [administrator] 12/06/13 10:34:13 PM mbar-log-2013-12-06 (22-34-13).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 258472 Time elapsed: 32 minute(s), 19 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 1 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Google Update^❤ (Trojan.Zaccess) -> Data: -> Delete on reboot. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 14 C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙ (Trojan.0Access) -> Delete on reboot. C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨ (Trojan.0Access) -> Delete on reboot. C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨\ﯹ๛ (Trojan.0Access) -> Delete on reboot. C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} (Trojan.0Access) -> Delete on reboot. C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\L (Trojan.0Access) -> Delete on reboot. C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\U (Trojan.0Access) -> Delete on reboot. C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} (Trojan.0Access) -> Delete on reboot. c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ (Trojan.0Access) -> Delete on reboot. c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \... (Trojan.0Access) -> Delete on reboot. c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\ﯹ๛ (Trojan.0Access) -> Delete on reboot. c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} (Trojan.0Access) -> Delete on reboot. c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\l (Trojan.0Access) -> Delete on reboot. c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\u (Trojan.0Access) -> Delete on reboot. C:\Program Files (x86)\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} (Trojan.0Access) -> Delete on reboot. Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) =========================================== SECOND ONE: Malwarebytes Anti-Rootkit BETA 1.07.0.1007 www.malwarebytes.org Database version: v2013.10.02.12 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Debbie :: DEBBIE-DELL [administrator] 12/06/13 11:27:07 PM mbar-log-2013-12-06 (23-27-07).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 249175 Time elapsed: 26 minute(s), 3 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) ======================================= SYSTEM-LOG: --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1007 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.16428 Java version: 1.6.0_31 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 2.261000 GHz Memory total: 4081606656, free: 2150969344 Downloaded database version: v2013.12.07.02 Downloaded database version: v2013.10.11.02 ======================================= Initializing... ------------ Kernel report ------------ 12/06/2013 22:34:08 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\system32\drivers\mfehidk.sys \SystemRoot\System32\Drivers\PxHlpa64.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\mfewfpk.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \??\C:\Windows\system32\drivers\avgtpx64.sys \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \??\C:\Windows\system32\drivers\ElRawDsk.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\drivers\usbehci.sys \SystemRoot\system32\drivers\USBPORT.SYS \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\bcmwl664.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\L1C62x64.sys \SystemRoot\system32\drivers\i8042prt.sys \??\C:\Windows\system32\drivers\epfilter.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\DRIVERS\Impcd.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\bcmvwl64.sys \SystemRoot\system32\DRIVERS\wanatw64.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\drivers\mfeavfk.sys \SystemRoot\system32\drivers\mfefirek.sys \SystemRoot\system32\DRIVERS\mfencbdc.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\CtClsFlt.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\LHidFilt.Sys \SystemRoot\system32\DRIVERS\LMouFilt.Sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\SaiH8000.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\system32\DRIVERS\ACFSDK64.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\system32\drivers\mfeapfk.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\system32\DRIVERS\ACFXAU64.sys \??\C:\Program Files (x86)\AOL\DataMask by AOL\epinject64.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\system32\DRIVERS\asyncmac.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\system32\DRIVERS\usbscan.sys \SystemRoot\system32\DRIVERS\usbprint.sys \SystemRoot\system32\DRIVERS\dot4usb.sys \SystemRoot\system32\DRIVERS\Dot4.sys \SystemRoot\system32\DRIVERS\Dot4Prt.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\drivers\btusbflt.sys \SystemRoot\System32\Drivers\BTHUSB.sys \SystemRoot\System32\Drivers\bthport.sys \SystemRoot\system32\DRIVERS\rfcomm.sys \SystemRoot\system32\drivers\BthEnum.sys \SystemRoot\system32\DRIVERS\bthpan.sys \SystemRoot\system32\DRIVERS\btwavdt.sys \SystemRoot\system32\drivers\btwaudio.sys \SystemRoot\system32\DRIVERS\btwl2cap.sys \SystemRoot\system32\DRIVERS\btwrchid.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8004c54060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa800498d050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8004c54060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8004afa9d0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8004c54060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa800498d050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 7188B833 Partition information: Partition 0 type is Other (0xde) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 206848 Numsec = 30720000 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 30926848 Numsec = 594213552 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 320072933376 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)... Done! Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Google Update^❤ --> [Trojan.Zaccess] Infected: C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙ --> [Trojan.0Access] Infected: C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨ --> [Trojan.0Access] Infected: C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨\ﯹ๛ --> [Trojan.0Access] Infected: C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} --> [Trojan.0Access] Infected: C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\L --> [Trojan.0Access] Infected: C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\U --> [Trojan.0Access] Infected: C:\Users\Debbie\AppData\Local\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} --> [Trojan.0Access] Infected: c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ --> [Trojan.0Access] Infected: c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \... --> [Trojan.0Access] Infected: c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\ﯹ๛ --> [Trojan.0Access] Infected: c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} --> [Trojan.0Access] Infected: c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\l --> [Trojan.0Access] Infected: c:\program files (x86)\google\desktop\install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\ﯹ๛\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\u --> [Trojan.0Access] Infected: C:\Program Files (x86)\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b} --> [Trojan.0Access] Scan finished Creating System Restore point... Cleaning up... Executing an action fixdamage.exe... Success! Queuing an action fixdamage.exe Removal scheduling successful. System shutdown needed. System shutdown occurred ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1007 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.16428 Java version: 1.6.0_31 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 2.261000 GHz Memory total: 4081606656, free: 2496331776 ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.07.0.1007 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 11.0.9600.16428 Java version: 1.6.0_31 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 2.261000 GHz Memory total: 4081606656, free: 1494990848 ======================================= Initializing... ------------ Kernel report ------------ 12/06/2013 23:27:01 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\CLASSPNP.SYS \SystemRoot\System32\drivers\imofugc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\DRIVERS\compbatt.sys \SystemRoot\system32\DRIVERS\BATTC.SYS \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\DRIVERS\iaStor.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\system32\drivers\mfehidk.sys \SystemRoot\System32\Drivers\PxHlpa64.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\mfewfpk.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \??\C:\Windows\system32\drivers\avgtpx64.sys \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \??\C:\Windows\system32\drivers\ElRawDsk.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\HECIx64.sys \SystemRoot\system32\drivers\usbehci.sys \SystemRoot\system32\drivers\USBPORT.SYS \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\bcmwl664.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\L1C62x64.sys \SystemRoot\system32\drivers\i8042prt.sys \??\C:\Windows\system32\drivers\epfilter.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys \SystemRoot\system32\DRIVERS\Impcd.sys \SystemRoot\system32\DRIVERS\intelppm.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\DRIVERS\CmBatt.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\bcmvwl64.sys \SystemRoot\system32\DRIVERS\wanatw64.sys \SystemRoot\system32\drivers\swenum.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\DRIVERS\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\DRIVERS\IntcDAud.sys \SystemRoot\system32\drivers\mfeavfk.sys \SystemRoot\system32\drivers\mfefirek.sys \SystemRoot\system32\DRIVERS\mfencbdc.sys \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\System32\Drivers\usbvideo.sys \SystemRoot\system32\DRIVERS\CtClsFlt.sys \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\system32\DRIVERS\LHidFilt.Sys \SystemRoot\system32\DRIVERS\LMouFilt.Sys \SystemRoot\system32\DRIVERS\SaiH8000.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_iaStor.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\usbscan.sys \SystemRoot\system32\DRIVERS\usbprint.sys \SystemRoot\system32\DRIVERS\dot4usb.sys \SystemRoot\system32\DRIVERS\Dot4.sys \SystemRoot\system32\DRIVERS\Dot4Prt.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\system32\DRIVERS\ACFSDK64.sys \SystemRoot\system32\drivers\btusbflt.sys \SystemRoot\System32\Drivers\BTHUSB.sys \SystemRoot\System32\Drivers\bthport.sys \SystemRoot\system32\DRIVERS\rfcomm.sys \SystemRoot\system32\drivers\BthEnum.sys \SystemRoot\system32\DRIVERS\bthpan.sys \SystemRoot\system32\DRIVERS\btwavdt.sys \SystemRoot\system32\drivers\btwaudio.sys \SystemRoot\system32\DRIVERS\btwl2cap.sys \SystemRoot\system32\DRIVERS\btwrchid.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\system32\drivers\mfeapfk.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\system32\DRIVERS\ACFXAU64.sys \??\C:\Program Files (x86)\AOL\DataMask by AOL\epinject64.sys \SystemRoot\system32\drivers\cfwids.sys \SystemRoot\System32\Drivers\fastfat.SYS \??\C:\Windows\system32\drivers\mbamchameleon.sys \SystemRoot\system32\drivers\spsys.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8004c6a060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\Ide\IAAStorageDevice-1\ Lower Device Object: 0xfffffa8004940050 Lower Device Driver Name: \Driver\iaStor\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8004c6a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8004aef9e0, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8004c6a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa8004940050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Done! Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: 7188B833 Partition information: Partition 0 type is Other (0xde) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 206848 Numsec = 30720000 Partition file system is NTFS Partition is bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 30926848 Numsec = 594213552 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 320072933376 bytes Sector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)... Done! Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_206848_i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam... Removal finished ===============================================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2013 Ran by Debbie at 2013-12-06 12:06:54 Running from C:\Users\Debbie\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (x32) 4500_G510gm_Help (x32 Version: 000.0.439.000) 4500_G510nz_Help (x32 Version: 000.0.439.000) 4500G510gm (x32 Version: 000.0.423.000) 4500G510gm_Software_Min (x32 Version: 000.0.423.000) 4500G510nz (x32 Version: 000.0.439.000) 4500G510nz_Software_Min (x32 Version: 000.0.423.000) 64 Bit HP CIO Components Installer (Version: 7.2.8) ABBYY FineReader for ScanSnap 4.0 (x32 Version: 8.00.245.56422) Adobe AIR (x32 Version: 2.7.1.19610) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152) Adobe Reader XI (11.0.05) (x32 Version: 11.0.05) Advanced Audio FX Engine (x32 Version: 1.12.05) AirPort (x32 Version: 5.6.1.2) AOL Uninstaller (Choose which Products to Remove) (x32) Apple Application Support (x32 Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (x32 Version: 2.1.3.127) Banctec Service Agreement (x32 Version: 2.0.0) Bonjour (Version: 3.0.0.10) Bonjour Print Services (Version: 2.0.2.0) BufferChm (x32 Version: 130.0.331.000) Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1) CameraHelperMsi (x32 Version: 13.25.1010.0) CardMinder (x32 Version: V4.0L11) CardMinder V4.0 (x32 Version: 4.0.11.1) Conexant USB D400 V.92 Modem (Version: 2.0.12.50) Consumer In-Home Service Agreement (x32 Version: 2.0.0) Cozi (x32 Version: 1.0.4323.24051) Crystal Reports Basic Runtime for Visual Studio 2008 (x32 Version: 10.5.2.0) D3DX10 (x32 Version: 15.4.2368.0902) Data Lifeguard Diagnostic for Windows (x32 Version: 1.13) DataMask by AOL (x32 Version: 5.6.0.8734) Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.60) Dell DataSafe Local Backup (x32 Version: 9.4.60) Dell DataSafe Online (x32 Version: 1.2.0009) Dell Dock (Version: 2.0.0) Dell Driver Download Manager (HKCU Version: 2.1.0.0) Dell Edoc Viewer (Version: 1.0.0) Dell Getting Started Guide (x32 Version: 1.00.0000) Dell Support Center (Version: 3.0.5744.02) Dell Webcam Central (x32 Version: 1.40.05) Destinations (x32 Version: 130.0.0.0) DeviceDiscovery (x32 Version: 130.0.372.000) DocMgr (x32 Version: 130.0.000.000) DocProc (x32 Version: 13.0.0.0) Documents To Go Desktop for iPhone (x32 Version: 2.0000.006) DriverUpdate (x32 Version: 2.2.30452) Dropbox (HKCU Version: 2.0.22) DW WLAN Card (Version: 5.60.48.35) EDDI-7 (x32 Version: 1.2.0) eReg (x32 Version: 1.20.138.34) Fax (x32 Version: 130.0.418.000) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54) Google Update Helper (x32 Version: 1.3.21.165) GPBaseService2 (x32 Version: 130.0.371.000) HP Customer Participation Program 13.0 (Version: 13.0) hp deskjet 5550 series (Remove only) (x32) HP Document Manager 2.0 (Version: 2.0) HP Imaging Device Functions 13.0 (Version: 13.0) HP Officejet 4500 G510g-m (Version: 13.0) HP Officejet 4500 G510n-z (Version: 13.0) hp print screen utility (x32) HP Smart Web Printing 4.5 (Version: 4.5) HP Solution Center 13.0 (Version: 13.0) HP Update (x32 Version: 4.000.011.006) HPProductAssistant (x32 Version: 130.0.371.000) iCloud (Version: 2.1.1.3) Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2097) Intel® Management Engine Components (x32 Version: 6.0.0.1179) iPhone Configuration Utility (x32 Version: 3.6.2.300) IrfanView (remove only) (x32 Version: 4.27) iTunes (Version: 11.1.3.8) Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: 2.1.9.8) Java 6 Update 31 (x32 Version: 6.0.310) Junk Mail filter update (x32 Version: 15.4.3502.0922) Logitech SetPoint 6.61 (Version: 6.61.15) Logitech Unifying Software 2.10 (Version: 2.10.37) Logitech Vid HD (x32 Version: 7.2 (7248)) Logitech Webcam Software (x32 Version: 2.0) LoJack Factory Installer (x32 Version: 1.0.0) LWS Facebook (x32 Version: 13.20.1166.0) LWS Gallery (x32 Version: 13.20.1166.0) LWS Help_main (x32 Version: 13.25.1016.0) LWS Launcher (x32 Version: 13.20.1166.0) LWS Motion Detection (x32 Version: 13.20.1176.0) LWS Pictures And Video (x32 Version: 13.25.1010.0) LWS Twitter (x32 Version: 13.20.1166.0) LWS Video Mask Maker (x32 Version: 13.10.1216.0) LWS VideoEffects (Version: 13.25.1005.0) LWS Webcam Software (x32 Version: 13.20.1168.0) LWS WLM Plugin (x32 Version: 1.20.1166.0) LWS YouTube Plugin (x32 Version: 13.20.1166.0) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) MarketResearch (x32 Version: 130.0.374.000) McAfee SecurityCenter (x32 Version: 12.8.856) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000) Microsoft Office 2000 Professional (x32 Version: 9.00.2720) Microsoft Office 2003 Web Components (x32 Version: 11.0.8173.0) Microsoft Office 2007 Primary Interop Assemblies (x32 Version: 12.0.4518.1014) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Accounting 2008 (x32 Version: 3.0.8627.1) Microsoft Office Accounting 2008 Equifax Addin (x32 Version: 3.0.8231.0) Microsoft Office Accounting 2008 Fixed Asset Manager (x32 Version: 3.0.8231.0) Microsoft Office Accounting 2008 PayPal Addin (x32 Version: 3.0.8231.0) Microsoft Office Accounting ADP Payroll Addin (x32 Version: 0.0.0.0) Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Live Meeting 2007 (x32 Version: 8.0.6362.201) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Small Business 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Small Business Connectivity Components (x32 Version: 2.0.7024.0) Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 (x32) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (x32 Version: 9.4.5000.00) Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00) Microsoft SQL Server Native Client (Version: 9.00.5000.00) Microsoft SQL Server Setup Support Files (English) (x32 Version: 9.00.5000.00) Microsoft SQL Server VSS Writer (Version: 9.00.5000.00) Microsoft VC9 runtime libraries (x32 Version: 1.0.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.58299) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) Mobile Partner (x32 Version: 11.302.09.05.540) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Network64 (Version: 130.0.374.000) Network64 (Version: 140.0.221.000) OCR Software by I.R.I.S. 13.0 (Version: 13.0) PowerDVD DX (x32 Version: 8.3.6029) Quickset64 (Version: 10.5.1) QuickTime (x32 Version: 7.74.80.86) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6039) Revo Uninstaller 1.95 (x32 Version: 1.95) Rosetta Stone Version 3 (x32 Version: 3.4.5.0) Roxio Burn (x32 Version: 1.01) RTC Client API v1.2 (x32 Version: 1.2.0000) Safari (x32 Version: 5.34.57.2) Scan (x32 Version: 13.0.0.0) Scan to Microsoft SharePoint (x32 Version: 3.3.4) ScanSnap (x32 Version: 5.0.12.4) ScanSnap (x32 Version: 5.1.41.1) ScanSnap Manager (x32 Version: V5.1L41) SentryBay Update Helper (x32 Version: 1.0.0.7621) Shared C Run-time for x64 (Version: 10.0.0) Skype™ 6.3 (x32 Version: 6.3.105) SmartWebPrinting (x32 Version: 130.0.373.000) SolutionCenter (x32 Version: 130.0.373.000) Status (x32 Version: 130.0.373.000) Synaptics Pointing Device Driver (Version: 14.0.15.0) System Checkup 3.4 (x32 Version: 3.4.0.47) Toolbox (x32 Version: 130.0.648.000) TrayApp (x32 Version: 130.0.376.000) Uninstall AOL Emergency Connect Utility 1.0 (x32) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update for Microsoft Office Excel 2007 Help (KB963678) (x32) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 Help (KB963677) (x32) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition (x32) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update for Microsoft Office Publisher 2007 Help (KB963667) (x32) Update for Microsoft Office Script Editor Help (KB963671) (x32) Update for Microsoft Office Word 2007 Help (KB963665) (x32) WD Anywhere Backup (x32) WD Drive Manager (x64) (Version: 2.107) WD SmartWare (Version: 1.2.0.8) WD SmartWare (Version: 1.5.1) WebReg (x32 Version: 130.0.132.017) Webshots Desktop (x32 Version: 3.1.5.7619) WIDCOMM Bluetooth Software (Version: 6.2.0.9600) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3502.0922) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3502.0922) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live Sync (x32 Version: 14.0.8089.726) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Migration Assistant (x32 Version: 1.0.1.3) Yahoo! Messenger (x32) Zip Extractor Packages (HKCU) ==================== Restore Points ========================= 27-11-2013 22:38:36 McAfee Vulnerability Scanner 27-11-2013 22:57:37 Windows Update 28-11-2013 03:45:03 Installed iTunes 29-11-2013 12:17:55 Removed ScorpionSaver Services 29-11-2013 14:14:47 Windows Update 29-11-2013 15:55:45 Installed Microsoft Fix it 50123 03-12-2013 17:14:15 Revo Uninstaller's restore point - ScorpionSaver 03-12-2013 17:14:57 Removed ScorpionSaver 03-12-2013 17:19:02 Revo Uninstaller's restore point - ScorpionSaver 04-12-2013 05:17:06 Revo Uninstaller's restore point - RegCure Pro ==================== Hosts content: ========================== 2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {2161D5C8-6CA9-4ADD-8150-763C11992774} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe Task: {2527672F-FEB4-4073-A047-781C8A544017} - System32\Tasks\{8A7F67A0-535A-4BC4-870D-FFE13D0748DC} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-02-28] (Skype Technologies S.A.) Task: {525791B2-85E9-4366-8094-C1F906EFEA94} - System32\Tasks\SentryBayUpdateTaskMachineUA => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [2012-05-26] (AOL) Task: {63860A29-97EE-4AB6-AC7E-02C828E64A18} - System32\Tasks\SentryBayUpdateTaskMachineCore => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [2012-05-26] (AOL) Task: {6AB51355-9681-4926-BEC4-2C9CEA1918D6} - System32\Tasks\LoJack for Laptops Install => C:\Program Files (x86)\Absolute Software\LoJack Install\FactoryInstaller.exe [2009-11-26] (Absolute Software) Task: {6DC3EF15-1FAA-4F71-9F95-3769662369B9} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-11-18] (PC-Doctor, Inc.) Task: {759191FC-F8DB-48C4-BBA1-F5D48DD0DCE7} - System32\Tasks\DriverUpdate Startup => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2013-06-22] (SlimWare Utilities, Inc.) Task: {7F874E8C-AD73-485B-BF3B-45029D96E2D1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-27] (Adobe Systems Incorporated) Task: {8005C2E5-84F9-475E-9109-0F050F486B0E} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-11-18] (PC-Doctor, Inc.) Task: {ABC33AA9-793D-4BBF-83B5-0C8E2F7D93FE} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-11-18] (PC-Doctor, Inc.) Task: {D9ACB393-BE20-460D-B92F-C398899A3E93} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {DA1312CA-80BE-4498-8CA6-723E420194E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02] (Google Inc.) Task: {F47BC2A3-BF27-43B6-9BDE-5E4AA083732E} - \DigitalSite No Task File Task: {FB647A03-4195-4866-A6C7-C6122CCE812A} - \BackgroundContainer Startup Task No Task File Task: {FD16B632-4075-4DAB-88BF-7540AAC53D5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe Task: C:\Windows\Tasks\SentryBayUpdateTaskMachineCore.job => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe Task: C:\Windows\Tasks\SentryBayUpdateTaskMachineUA.job => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe ==================== Loaded Modules (whitelisted) ============= 2012-12-17 18:14 - 2012-12-17 18:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-06-16 17:49 - 2011-06-16 17:49 - 00503296 _____ () C:\Program Files (x86)\AOL\DataMask by AOL\libxml2.dll 2013-04-30 16:31 - 2013-04-30 16:31 - 00293376 _____ () C:\Program Files (x86)\AOL\DataMask by AOL\libxmlsec.dll 2013-04-30 16:31 - 2013-04-30 16:31 - 00167936 _____ () C:\Program Files (x86)\AOL\DataMask by AOL\libxmlsec-mscrypto.dll 2010-07-12 18:34 - 2011-08-01 11:55 - 00132416 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll 2010-07-12 18:34 - 2011-08-01 11:54 - 01123648 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll 2010-07-12 18:34 - 2011-08-01 11:55 - 00079168 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll 2010-09-03 10:26 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll 2012-05-30 21:06 - 2012-05-30 21:06 - 00087912 _____ () C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll 2012-05-30 21:06 - 2012-05-30 21:06 - 01242512 _____ () C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Debbie\Desktop\Screen Shot 2013-10-31 at 8.34.57 PM.png:com.dropbox.attributes AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== Faulty Device Manager Devices ============= Name: Officejet 4500 G510n-z Description: Officejet 4500 G510n-z Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Bluetooth Peripheral Device Description: Bluetooth Peripheral Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/06/2013 11:55:25 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/06/2013 11:55:25 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/06/2013 11:36:24 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/06/2013 06:35:17 AM) (Source: Application Error) (User: ) Description: Faulting application name: DriverUpdate.exe, version: 2.2.30452.7890, time stamp: 0x51c6045c Faulting module name: DriverUpdate.exe, version: 2.2.30452.7890, time stamp: 0x51c6045c Exception code: 0xc0000005 Fault offset: 0x00021ad8 Faulting process id: 0xde0 Faulting application start time: 0xDriverUpdate.exe0 Faulting application path: DriverUpdate.exe1 Faulting module path: DriverUpdate.exe2 Report Id: DriverUpdate.exe3 Error: (12/04/2013 07:41:54 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 24864922 Error: (12/04/2013 07:41:54 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 24864922 Error: (12/04/2013 07:41:53 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/04/2013 03:19:26 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/03/2013 09:04:55 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (12/03/2013 09:04:55 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (12/06/2013 11:17:07 AM) (Source: DCOM) (User: ) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (12/06/2013 11:16:56 AM) (Source: Service Control Manager) (User: ) Description: The Windows Firewall service terminated with service-specific error %%5. Error: (12/06/2013 11:16:56 AM) (Source: Service Control Manager) (User: ) Description: The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: %%1066 Error: (12/06/2013 11:14:16 AM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. Error: (12/06/2013 11:12:50 AM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (12/06/2013 11:11:57 AM) (Source: Service Control Manager) (User: ) Description: The vToolbarUpdater17.1.3 service failed to start due to the following error: %%2 Error: (12/06/2013 11:11:52 AM) (Source: Service Control Manager) (User: ) Description: The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 Error: (12/06/2013 11:11:52 AM) (Source: Service Control Manager) (User: ) Description: The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: %%1066 Error: (12/06/2013 11:11:52 AM) (Source: Service Control Manager) (User: ) Description: The iolo System Service service failed to start due to the following error: %%2 Error: (12/06/2013 11:11:50 AM) (Source: Service Control Manager) (User: ) Description: The Windows Firewall service terminated with service-specific error %%5. Microsoft Office Sessions: ========================= Error: (09/26/2014 08:56:36 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 160994504 seconds with 540 seconds of active time. This session ended with a crash. Error: (06/11/2013 00:52:50 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 183650 seconds with 2700 seconds of active time. This session ended with a crash. Error: (03/17/2013 10:49:29 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 27777 seconds with 540 seconds of active time. This session ended with a crash. Error: (09/10/2012 02:05:04 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error: (05/05/2012 10:11:11 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 477076 seconds with 11340 seconds of active time. This session ended with a crash. Error: (04/19/2012 10:59:48 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 51799 seconds with 12960 seconds of active time. This session ended with a crash. Error: (03/14/2012 03:20:27 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 147764 seconds with 1440 seconds of active time. This session ended with a crash. Error: (01/12/2012 04:24:11 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 54734 seconds with 1620 seconds of active time. This session ended with a crash. Error: (01/02/2012 11:27:03 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 837 seconds with 600 seconds of active time. This session ended with a crash. Error: (10/23/2011 03:25:17 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Percentage of memory in use: 65% Total physical RAM: 3892.52 MB Available physical RAM: 1325.38 MB Total Pagefile: 7783.23 MB Available Pagefile: 5029.27 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:115.83 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 7188B833) Partition 1: (Not Active) - (Size=100 MB) - (Type=DE) Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS) ==================== End Of Log ============================

Thanks! I'm learning so much and this forum is a wonderful tool. I went to uninstall from add/remove programs and it was not there (I had done this earlier) I ran AdwCleaner.exe and followed your directions. My computer went into a checkdisk mode and took hours to reboot, which may be what it was supposed to do. Now my computer is running very slowly! Here is the logfile report: # AdwCleaner v3.014 - Report created 05/12/2013 at 23:04:10 # Updated 01/12/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Debbie - DEBBIE-DELL # Running from : C:\Users\Debbie\Downloads\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\ParetoLogic Folder Deleted : C:\Users\Debbie\AppData\Roaming\DriverCure Folder Deleted : C:\Users\Debbie\AppData\Roaming\ParetoLogic ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\ParetoLogic Key Deleted : HKLM\Software\ParetoLogic ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v [ File : C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [36566 octets] - [03/12/2013 11:29:08] AdwCleaner[R1].txt - [1002 octets] - [03/12/2013 15:11:03] AdwCleaner[R2].txt - [1403 octets] - [05/12/2013 22:57:13] AdwCleaner[s0].txt - [35657 octets] - [03/12/2013 11:50:46] AdwCleaner[s1].txt - [1063 octets] - [03/12/2013 15:12:27] AdwCleaner[s2].txt - [1295 octets] - [05/12/2013 23:04:10] ########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1355 octets] ########## ========================== WOW, it 3 hours and 20 minutes to do the QUICK scan. My computer is SO slow and is a mess right now. Here is the report : Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.06.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Debbie :: DEBBIE-DELL [administrator] 12/06/13 7:15:54 AM mbam-log-2013-12-06 (07-15-54).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 217021 Time elapsed: 3 hour(s), 21 minute(s), 53 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 4 C:\Temp\InstallServices64.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully. C:\Temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully. C:\Windows\System32\AdpeakProxy.dll (PUP.Optional.Adpeak) -> Quarantined and deleted successfully. C:\Windows\SysWOW64\AdpeakProxy.dll (PUP.Optional.Adpeak) -> Quarantined and deleted successfully. (end) ============================= Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2013 Ran by Debbie (administrator) on DEBBIE-DELL on 06-12-2013 12:05:09 Running from C:\Users\Debbie\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (Memeo) C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe (AOL) C:\Program Files (x86)\AOL\DataMask by AOL\epservice.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDFME.exe (AOL) C:\Program Files (x86)\AOL\DataMask by AOL\ep.exe (AOL) C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe (SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Webshots.com) C:\Program Files (x86)\Webshots\3.1.5.7619\Webshots.scr (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe (Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe (Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-13] (Dell) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path) HKCU\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) MountPoints2: E - E:\LaunchU3.exe -a MountPoints2: H - H:\LaunchU3.exe -a MountPoints2: {056b6265-78ff-11e0-be3b-c44619fd34a2} - E:\AutoRun.exe MountPoints2: {056b6270-78ff-11e0-be3b-c44619fd34a2} - E:\AutoRun.exe MountPoints2: {056b627d-78ff-11e0-be3b-c44619fd34a2} - E:\AutoRun.exe MountPoints2: {097a27df-6baf-11e0-b9c1-c44619fd34a2} - E:\AutoRun.exe MountPoints2: {097a2803-6baf-11e0-b9c1-c44619fd34a2} - E:\AutoRun.exe MountPoints2: {2e3ae15a-f82f-11e0-9a34-c44619fd34a2} - "E:\WD SmartWare.exe" autoplay=true MountPoints2: {3a03f7dd-6df0-11e0-9c28-00038a000015} - E:\AutoRun.exe MountPoints2: {3a03f7e9-6df0-11e0-9c28-00038a000015} - E:\AutoRun.exe MountPoints2: {4c86b20b-ea9e-11df-aca7-00038a000015} - "E:\WD SmartWare.exe" autoplay=true MountPoints2: {a6b050e8-3bac-11e1-9810-c44619fd34a2} - H:\LaunchU3.exe -a HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.) Startup: C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk ShortcutTarget: Webshots.lnk -> C:\Program Files (x86)\Webshots\3.1.5.7619\Launcher.exe (Webshots.com) Startup: C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk ShortcutTarget: _uninst_05648578.lnk -> C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat (No File) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File) BootExecute: autocheck autochk /p \??\F:autocheck autochk * ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://kolbi.msn.com/?rd=1&ucc=CR&dcc=CR&opt=0 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x760B2275FDECCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {907C29F0-1F7C-41DE-B59B-CF7830BD034C} URL = BHO: DataMask by AOL - {3955aa73-8c60-4a9b-acdb-0c2edb1b6748} - C:\Program Files (x86)\AOL\DataMask by AOL\epbho64.dll (AOL) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO: DataMask by AOL - {ff507020-a257-4527-a222-b6f5732e55ee} - C:\Program Files (x86)\AOL\DataMask by AOL\plbho64.dll (AOL) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {8413196D-E290-4418-B5C6-A3B1379A909C} - No File Toolbar: HKCU - No Name - {F999A48B-1950-4D81-9971-79018F807B4B} - No File DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 10.0.1.1 FireFox: ======== FF ProfilePath: C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @update.sentrybay.com/SentryBay Update;version=8 - C:\Program Files (x86)\SentryBay\Update\1.0.0.7621\npSentryBayOneClick8.dll (AOL) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: ScorpionSaver - C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\Extensions\ScorpionSaver@jetpack FF HKLM\...\Firefox\Extensions: [sss@sentrybay.com] - C:\Program Files (x86)\AOL\DataMask by AOL\ffext FF Extension: DataMask by AOL - C:\Program Files (x86)\AOL\DataMask by AOL\ffext FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKLM-x32\...\Firefox\Extensions: [sss@sentrybay.com] - C:\Program Files (x86)\AOL\DataMask by AOL\ffext FF Extension: DataMask by AOL - C:\Program Files (x86)\AOL\DataMask by AOL\ffext FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [bjaehcnihbogidpfieaepehilfecnodk] - C:\Program Files (x86)\AOL\DataMask by AOL\phishlock.crx CHR HKLM-x32\...\Chrome\Extension: [kochbcmingebnmbcpbbpfpmipakoipge] - C:\Program Files (x86)\AOL\DataMask by AOL\phishlock.crx ==================== Services (Whitelisted) ================= R2 EntryProtect; C:\Program Files (x86)\AOL\DataMask by AOL\epservice.exe [45896 2013-04-30] (AOL) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-09-24] (McAfee, Inc.) S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 MemeoBackgroundService; C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe [25824 2009-11-12] (Memeo) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.) S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 sbupdate; C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [129904 2012-05-26] (AOL) S4 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [118272 2008-07-24] (WDC) R2 WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [1978256 2011-08-01] (Western Digital ) R2 WDRulesService; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [1338256 2011-08-01] (Western Digital ) S4 XAudioService; C:\Windows\system32\DRIVERS\ACFXAU64.exe [410624 2007-05-09] (Conexant Systems, Inc.) S4 AGCoreService; "C:\Program Files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe" [x] S2 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [x] S2 vToolbarUpdater17.1.3; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x] U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\ \...\???\{c614d3bf-243a-3fd7-a4fd-36cd3756874b}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess) ==================== Drivers (Whitelisted) ==================== S3 acfva; C:\Windows\System32\DRIVERS\ACFVA64.sys [121856 2007-04-26] (Conexant Systems Inc.) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-21] (AVG Technologies) S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.) S3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP64.sys [35200 2007-05-09] (Conexant Systems, Inc.) R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-09-17] (EldoS Corporation) R3 epfilter; C:\Windows\system32\drivers\epfilter.sys [21312 2013-08-12] (SentryBay) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.) R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.) R3 SaiH8000; C:\Windows\System32\DRIVERS\SaiH8000.sys [178560 2008-04-04] (Saitek) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-12-06] () R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2007-05-09] (Conexant Systems, Inc.) U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.) S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-06 12:05 - 2013-12-06 12:06 - 00018654 _____ C:\Users\Debbie\Downloads\FRST.txt 2013-12-06 12:05 - 2013-12-06 12:05 - 00000000 ____D C:\FRST 2013-12-06 12:04 - 2013-12-06 12:04 - 01925820 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64.exe 2013-12-06 01:37 - 2013-12-06 11:11 - 00000112 _____ C:\Windows\setupact.log 2013-12-06 01:37 - 2013-12-06 01:37 - 00000000 _____ C:\Windows\setuperr.log 2013-12-06 01:36 - 2013-12-06 01:36 - 00003544 ____N C:\bootsqm.dat 2013-12-05 23:02 - 2013-12-06 06:15 - 00000000 ____D C:\Users\Debbie\Desktop\Scorpion Forum clean up reports 2013-12-05 08:25 - 2013-12-05 08:25 - 00024210 _____ C:\Users\Debbie\Desktop\DDS -- from dds.scr download 2nd page.txt 2013-12-05 08:21 - 2013-12-05 08:21 - 00014403 _____ C:\Users\Debbie\Desktop\Attach - from dds.scr download.txt 2013-12-05 08:18 - 2013-12-05 08:18 - 00014403 _____ C:\Users\Debbie\Desktop\attach.txt 2013-12-05 08:15 - 2013-12-05 08:15 - 00688992 ____R (Swearware) C:\Users\Debbie\Downloads\dds.scr 2013-12-03 22:59 - 2013-12-03 22:59 - 00002722 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task 2013-12-03 22:55 - 2013-12-03 22:55 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Debbie\Downloads\Repair-tool.exe 2013-12-03 21:35 - 2013-12-03 21:37 - 22791896 _____ (Microsoft Corporation) C:\Users\Debbie\Downloads\Windows-KB890830-x64-V5.6.exe 2013-12-03 17:59 - 2013-12-03 18:49 - 00000000 ____D C:\Users\Debbie\Downloads\myuninst 2013-12-03 17:58 - 2013-12-03 17:58 - 00046124 _____ C:\Users\Debbie\Downloads\myuninst.zip 2013-12-03 16:14 - 2013-12-03 16:19 - 00015066 _____ C:\Users\Debbie\Downloads\SystemLook.txt 2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\_OTM 2013-12-03 14:11 - 2013-12-03 14:11 - 00522240 _____ (OldTimer Tools) C:\Users\Debbie\Downloads\OTM.exe 2013-12-03 13:53 - 2013-12-06 06:47 - 00000000 ____D C:\Users\Debbie\Desktop\Virus instructions 2013-12-03 12:42 - 2013-12-03 12:42 - 00165376 _____ C:\Users\Debbie\Downloads\SystemLook_x64.exe 2013-12-03 12:32 - 2013-12-03 12:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-03 12:32 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-12-03 12:29 - 2013-12-03 12:30 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1-1.75.0.1300.exe 2013-12-03 11:28 - 2013-12-05 23:04 - 00000000 ____D C:\AdwCleaner 2013-12-03 11:27 - 2013-12-03 11:27 - 01110034 _____ C:\Users\Debbie\Downloads\AdwCleaner.exe 2013-12-03 11:07 - 2013-12-03 11:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2013-12-03 10:19 - 2013-12-06 11:19 - 00001846 _____ C:\Users\Public\Desktop\McAfee Security Center.lnk 2013-12-03 10:19 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys 2013-12-03 10:18 - 2013-12-03 10:18 - 00000000 ____D C:\Program Files (x86)\McAfee.com 2013-12-03 10:17 - 2013-12-06 01:37 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-12-03 10:17 - 2013-12-03 10:17 - 00000000 ____D C:\Program Files\McAfee.com 2013-12-03 09:36 - 2013-11-04 16:46 - 00182752 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe 2013-12-03 09:26 - 2013-12-03 09:36 - 05131824 _____ (McAfee, Inc.) C:\Users\Debbie\Downloads\McAfeeSetup-Serial.exe 2013-12-02 20:39 - 2013-12-02 20:44 - 00023235 _____ C:\Users\Debbie\Desktop\Oct - Dec 2014 BCR stmt.xlsx 2013-12-01 21:47 - 2013-12-02 12:56 - 00000000 ____D C:\Users\Debbie\Desktop\Eye 2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Malwarebytes 2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-29 00:22 - 2013-11-29 00:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-28 23:22 - 2013-11-28 23:22 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\McAFee TechCheck 2013-11-28 23:20 - 2013-11-28 23:24 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\TechCheck 2013-11-28 23:20 - 2000-05-22 01:00 - 00244416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msflxgrd.ocx 2013-11-28 23:20 - 2000-05-22 01:00 - 00203976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX 2013-11-28 15:53 - 2013-12-02 18:36 - 00022825 _____ C:\Users\Debbie\Desktop\Monthly Payment Schedule 11-28-13.xlsx 2013-11-28 09:50 - 2013-12-03 10:18 - 00000000 ____D C:\Program Files\Common Files\McAfee 2013-11-28 09:24 - 2013-11-28 09:31 - 00000000 ____D C:\Program Files\stinger 2013-11-28 06:27 - 2013-11-28 06:27 - 00002004 _____ C:\Users\Debbie\Desktop\Workout List 8-7-13 - Shortcut.lnk 2013-11-27 21:51 - 2013-11-27 21:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-27 21:51 - 2013-11-27 21:52 - 00000000 ____D C:\Program Files\iTunes 2013-11-27 21:51 - 2013-11-27 21:52 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-11-27 21:51 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files\iPod 2013-11-27 20:10 - 2013-10-16 10:18 - 00439296 _____ (Adpeak, Inc.) C:\Windows\system32\AdpeakProxy64.dll 2013-11-27 17:04 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-11-27 17:01 - 2013-11-27 17:01 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-27 17:01 - 2013-11-27 17:01 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-27 17:01 - 2013-11-27 17:01 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-27 17:01 - 2013-11-27 17:01 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-27 17:01 - 2013-11-27 17:01 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-27 17:01 - 2013-11-27 17:01 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-27 17:01 - 2013-11-27 17:01 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-27 17:01 - 2013-11-27 17:01 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-27 16:58 - 2013-11-27 17:04 - 00007514 _____ C:\Windows\IE11_main.log 2013-11-27 16:52 - 2013-11-27 16:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-11-27 16:52 - 2013-11-27 16:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-11-25 22:20 - 2013-11-25 22:20 - 00006148 ____H C:\Users\Public\.DS_Store 2013-11-19 16:35 - 2013-11-27 08:02 - 00002429 _____ C:\Users\Debbie\Desktop\Scott's Weight - Shortcut.lnk 2013-11-15 13:51 - 2013-11-15 13:58 - 00000000 ____D C:\bbc32f117dc597ff11b76deb 2013-11-14 20:49 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-14 20:49 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-14 20:49 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-14 20:49 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-14 20:49 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-14 20:49 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-14 20:49 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-14 20:49 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-14 20:49 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-14 20:48 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-14 20:48 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-14 20:48 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-14 20:48 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-14 20:48 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-14 20:48 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-14 20:48 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-14 20:48 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-14 20:48 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-14 20:48 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-14 20:48 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-14 20:48 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-14 20:48 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-14 20:48 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-14 20:48 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-14 20:48 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-14 20:48 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-14 20:48 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-14 20:48 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-14 20:48 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-14 20:48 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys ==================== One Month Modified Files and Folders ======= 2014-09-26 09:28 - 2011-03-26 10:05 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher 2014-09-26 09:12 - 2011-03-26 10:05 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job 2014-09-26 09:07 - 2011-03-26 10:05 - 00003456 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest 2014-09-26 08:57 - 2011-03-26 10:05 - 00004276 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2013-12-06 12:06 - 2013-12-06 12:05 - 00018654 _____ C:\Users\Debbie\Downloads\FRST.txt 2013-12-06 12:05 - 2013-12-06 12:05 - 00000000 ____D C:\FRST 2013-12-06 12:04 - 2013-12-06 12:04 - 01925820 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64.exe 2013-12-06 12:02 - 2012-05-26 22:57 - 00000892 _____ C:\Windows\Tasks\SentryBayUpdateTaskMachineUA.job 2013-12-06 11:31 - 2012-04-09 23:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-12-06 11:24 - 2011-10-02 00:53 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-06 11:22 - 2009-07-13 22:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-06 11:22 - 2009-07-13 22:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-06 11:19 - 2013-12-03 10:19 - 00001846 _____ C:\Users\Public\Desktop\McAfee Security Center.lnk 2013-12-06 11:19 - 2009-07-13 23:10 - 02020452 _____ C:\Windows\WindowsUpdate.log 2013-12-06 11:16 - 2013-10-28 21:27 - 00002848 _____ C:\Windows\System32\Tasks\DriverUpdate Startup 2013-12-06 11:16 - 2013-10-28 21:27 - 00000420 _____ C:\Windows\Tasks\DriverUpdate Startup.job 2013-12-06 11:14 - 2013-10-28 21:27 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys 2013-12-06 11:14 - 2011-10-02 00:53 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-06 11:14 - 2010-09-02 22:31 - 00000000 ____D C:\Users\Debbie\AppData\Local\SoftThinks 2013-12-06 11:14 - 2010-07-12 18:50 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks 2013-12-06 11:14 - 2010-07-12 18:50 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks 2013-12-06 11:14 - 2010-07-12 18:34 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup 2013-12-06 11:13 - 2012-05-26 22:57 - 00000888 _____ C:\Windows\Tasks\SentryBayUpdateTaskMachineCore.job 2013-12-06 11:11 - 2013-12-06 01:37 - 00000112 _____ C:\Windows\setupact.log 2013-12-06 11:11 - 2011-04-23 15:18 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2013-12-06 11:11 - 2010-07-12 20:00 - 00357066 _____ C:\Windows\PFRO.log 2013-12-06 11:11 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-06 06:47 - 2013-12-03 13:53 - 00000000 ____D C:\Users\Debbie\Desktop\Virus instructions 2013-12-06 06:15 - 2013-12-05 23:02 - 00000000 ____D C:\Users\Debbie\Desktop\Scorpion Forum clean up reports 2013-12-06 01:37 - 2013-12-06 01:37 - 00000000 _____ C:\Windows\setuperr.log 2013-12-06 01:37 - 2013-12-03 10:17 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-12-06 01:36 - 2013-12-06 01:36 - 00003544 ____N C:\bootsqm.dat 2013-12-05 23:05 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\tracing 2013-12-05 23:04 - 2013-12-03 11:28 - 00000000 ____D C:\AdwCleaner 2013-12-05 22:52 - 2012-04-19 12:37 - 00000000 ____D C:\Users\Debbie\AppData\Local\BCE66ED4-FCC7-4397-B8C3-53BA4963CEE9.aplzod 2013-12-05 08:25 - 2013-12-05 08:25 - 00024210 _____ C:\Users\Debbie\Desktop\DDS -- from dds.scr download 2nd page.txt 2013-12-05 08:21 - 2013-12-05 08:21 - 00014403 _____ C:\Users\Debbie\Desktop\Attach - from dds.scr download.txt 2013-12-05 08:18 - 2013-12-05 08:18 - 00014403 _____ C:\Users\Debbie\Desktop\attach.txt 2013-12-05 08:15 - 2013-12-05 08:15 - 00688992 ____R (Swearware) C:\Users\Debbie\Downloads\dds.scr 2013-12-05 07:40 - 2013-07-05 08:09 - 00000000 ____D C:\Users\Debbie\Desktop\Photos 2013-12-04 09:40 - 2009-07-13 23:13 - 00852936 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-03 22:59 - 2013-12-03 22:59 - 00002722 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task 2013-12-03 22:55 - 2013-12-03 22:55 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Debbie\Downloads\Repair-tool.exe 2013-12-03 21:55 - 2011-05-12 15:48 - 00018527 _____ C:\Users\Debbie\Desktop\To buy-bring to CR.xlsx 2013-12-03 21:37 - 2013-12-03 21:35 - 22791896 _____ (Microsoft Corporation) C:\Users\Debbie\Downloads\Windows-KB890830-x64-V5.6.exe 2013-12-03 21:24 - 2011-10-03 02:13 - 00000000 ___RD C:\Users\Debbie\Dropbox 2013-12-03 21:24 - 2011-10-03 02:09 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Dropbox 2013-12-03 18:49 - 2013-12-03 17:59 - 00000000 ____D C:\Users\Debbie\Downloads\myuninst 2013-12-03 17:58 - 2013-12-03 17:58 - 00046124 _____ C:\Users\Debbie\Downloads\myuninst.zip 2013-12-03 16:19 - 2013-12-03 16:14 - 00015066 _____ C:\Users\Debbie\Downloads\SystemLook.txt 2013-12-03 15:34 - 2012-08-21 13:52 - 00000000 ____D C:\ProgramData\McAfee 2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\_OTM 2013-12-03 14:11 - 2013-12-03 14:11 - 00522240 _____ (OldTimer Tools) C:\Users\Debbie\Downloads\OTM.exe 2013-12-03 12:50 - 2011-02-12 00:07 - 00000000 ____D C:\Program Files (x86)\Safari 2013-12-03 12:42 - 2013-12-03 12:42 - 00165376 _____ C:\Users\Debbie\Downloads\SystemLook_x64.exe 2013-12-03 12:33 - 2013-12-03 12:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-03 12:30 - 2013-12-03 12:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1-1.75.0.1300.exe 2013-12-03 11:27 - 2013-12-03 11:27 - 01110034 _____ C:\Users\Debbie\Downloads\AdwCleaner.exe 2013-12-03 11:07 - 2013-12-03 11:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2013-12-03 10:19 - 2013-10-08 23:57 - 00000000 ____D C:\Program Files\McAfee 2013-12-03 10:18 - 2013-12-03 10:18 - 00000000 ____D C:\Program Files (x86)\McAfee.com 2013-12-03 10:18 - 2013-11-28 09:50 - 00000000 ____D C:\Program Files\Common Files\McAfee 2013-12-03 10:17 - 2013-12-03 10:17 - 00000000 ____D C:\Program Files\McAfee.com 2013-12-03 09:36 - 2013-12-03 09:26 - 05131824 _____ (McAfee, Inc.) C:\Users\Debbie\Downloads\McAfeeSetup-Serial.exe 2013-12-02 22:23 - 2010-09-04 04:25 - 00000000 ___SD C:\Users\Debbie\Documents\My ScanSnap 2013-12-02 20:44 - 2013-12-02 20:39 - 00023235 _____ C:\Users\Debbie\Desktop\Oct - Dec 2014 BCR stmt.xlsx 2013-12-02 19:52 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF 2013-12-02 18:36 - 2013-11-28 15:53 - 00022825 _____ C:\Users\Debbie\Desktop\Monthly Payment Schedule 11-28-13.xlsx 2013-12-02 18:36 - 2013-10-10 14:10 - 00012174 _____ C:\Users\Debbie\Desktop\Jolani - Kathy & Greg Rental.xlsx 2013-12-02 12:56 - 2013-12-01 21:47 - 00000000 ____D C:\Users\Debbie\Desktop\Eye 2013-11-29 22:43 - 2009-08-20 03:09 - 00052224 _____ C:\Users\Debbie\Desktop\Nov. 25 - Dec. 1 , 2013 weekly schedule.xls 2013-11-29 16:54 - 2013-09-29 21:28 - 00000000 ____D C:\Users\Debbie\Desktop\Rental Statements 2013-11-29 13:17 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache 2013-11-29 10:30 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-11-29 08:19 - 2010-09-04 16:48 - 00842006 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-11-29 00:32 - 2013-10-22 00:17 - 00000095 _____ C:\Users\Debbie\AppData\Roaming\WB.CFG 2013-11-29 00:32 - 2009-08-20 00:17 - 00000006 _____ C:\Users\Debbie\AppData\Roaming\WBPU-TTL.DAT 2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Malwarebytes 2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-29 00:23 - 2013-11-29 00:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-28 23:24 - 2013-11-28 23:20 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\TechCheck 2013-11-28 23:22 - 2013-11-28 23:22 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\McAFee TechCheck 2013-11-28 09:31 - 2013-11-28 09:24 - 00000000 ____D C:\Program Files\stinger 2013-11-28 06:27 - 2013-11-28 06:27 - 00002004 _____ C:\Users\Debbie\Desktop\Workout List 8-7-13 - Shortcut.lnk 2013-11-27 21:53 - 2013-11-27 21:51 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-27 21:52 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files\iTunes 2013-11-27 21:52 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-11-27 21:51 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files\iPod 2013-11-27 21:35 - 2010-09-02 22:31 - 00000000 ___RD C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-27 19:03 - 2010-09-02 22:37 - 00001415 _____ C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-27 17:04 - 2013-11-27 16:58 - 00007514 _____ C:\Windows\IE11_main.log 2013-11-27 17:01 - 2013-11-27 17:01 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-27 17:01 - 2013-11-27 17:01 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-27 17:01 - 2013-11-27 17:01 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-27 17:01 - 2013-11-27 17:01 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-27 17:01 - 2013-11-27 17:01 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-27 17:01 - 2013-11-27 17:01 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-27 17:01 - 2013-11-27 17:01 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-27 17:01 - 2013-11-27 17:01 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-27 17:01 - 2013-11-27 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-27 17:01 - 2013-11-27 17:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-27 16:52 - 2013-11-27 16:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-11-27 16:52 - 2013-11-27 16:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-11-27 16:52 - 2012-03-14 12:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-11-27 16:52 - 2012-03-14 12:02 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-11-27 16:52 - 2010-07-12 18:08 - 00000000 ____D C:\Program Files (x86)\Java 2013-11-27 16:49 - 2010-09-03 00:50 - 00000000 ____D C:\ProgramData\Skype 2013-11-27 16:44 - 2012-04-09 23:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-11-27 16:44 - 2012-04-09 23:46 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-11-27 16:44 - 2012-03-14 15:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-11-27 14:38 - 2013-05-02 23:28 - 00000000 ____D C:\Users\Debbie\Desktop\Airline Tickets used - refunded 2013-11-27 08:02 - 2013-11-19 16:35 - 00002429 _____ C:\Users\Debbie\Desktop\Scott's Weight - Shortcut.lnk 2013-11-25 22:20 - 2013-11-25 22:20 - 00006148 ____H C:\Users\Public\.DS_Store 2013-11-21 06:52 - 2013-10-21 23:15 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2013-11-19 21:25 - 2013-09-18 01:20 - 00000000 ____D C:\Users\Debbie\Desktop\CDSP Troy Mac servers 2013-11-19 19:21 - 2013-05-28 21:09 - 00013184 _____ C:\Users\Debbie\Desktop\Apple shortcuts.xlsx 2013-11-19 13:50 - 2009-07-13 22:54 - 00000749 ___RH C:\Windows\WindowsShell.Manifest 2013-11-19 13:50 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Public\Libraries 2013-11-18 13:41 - 2009-07-13 20:34 - 00000608 _____ C:\Windows\win.ini 2013-11-18 12:08 - 2013-08-07 21:53 - 00007545 _____ C:\Windows\LkmdfCoInst.log 2013-11-18 12:07 - 2013-08-07 21:53 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2013-11-15 14:32 - 2010-09-03 11:16 - 00000000 ____D C:\Users\Debbie\AppData\Local\Adobe 2013-11-15 14:00 - 2010-09-04 09:01 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-15 13:58 - 2013-11-15 13:51 - 00000000 ____D C:\bbc32f117dc597ff11b76deb 2013-11-15 13:58 - 2013-07-31 05:01 - 00000000 ____D C:\Windows\system32\MRT 2013-11-07 16:00 - 2010-09-04 18:05 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ZeroAccess: C:\Users\Debbie\AppData\Local\Google\Desktop\Install ZeroAccess: C:\Program Files (x86)\Google\Desktop\Install Some content of TEMP: ==================== C:\Users\Debbie\AppData\Local\Temp\dhddur7u.dll C:\Users\Debbie\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender LastRegBack: 2013-11-30 07:56 ==================== End Of Log ============================

Boy oh boy do I need help --- it appears I have the scorpion virus on my computer. I have never had a virus infection before, so this is throwing me for a loop. I've read your instructions, (after I goofed and wrote on another forum --- sorry!), and have downloaded the dds.scr file and below are the results. I did follow an earlier forum and did what Kevin was advising them to do and it seemed to work, but I suspect the virus is still 'lurking' in the background. So I want to be sure to clean it up completely. I appreciate any help you can give me. Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 09/02/10 10:31:28 PM System Uptime: 12/04/13 10:43:57 AM (22 hours ago) . Motherboard: Dell Inc. | | 021CN3 Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | U2E1 | 2266/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 283 GiB total, 112.176 GiB free. D: is CDROM () Z: is NetworkDisk (NTFS) - 465 GiB total, 374.368 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet 4500 G510n-z Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: HP Name: Officejet 4500 G510n-z PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: Description: Bluetooth Peripheral Device Device ID: BTHENUM\{00000000-DECA-FADE-DECA-DEAFDECACAFE}_VID&000205AC_PID&1294\9&18CAD2E3&0&041E641B27DF_C00000000 Manufacturer: Name: Bluetooth Peripheral Device PNP Device ID: BTHENUM\{00000000-DECA-FADE-DECA-DEAFDECACAFE}_VID&000205AC_PID&1294\9&18CAD2E3&0&041E641B27DF_C00000000 Service: . ==== System Restore Points =================== . RP316: 11/27/13 4:38:36 PM - McAfee Vulnerability Scanner RP317: 11/27/13 4:57:37 PM - Windows Update RP318: 11/27/13 9:45:03 PM - Installed iTunes RP319: 11/29/13 6:17:55 AM - Removed ScorpionSaver Services RP320: 11/29/13 8:14:47 AM - Windows Update RP321: 11/29/13 9:55:45 AM - Installed Microsoft Fix it 50123 RP322: 12/03/13 11:14:15 AM - Revo Uninstaller's restore point - ScorpionSaver RP323: 12/03/13 11:14:57 AM - Removed ScorpionSaver RP324: 12/03/13 11:19:02 AM - Revo Uninstaller's restore point - ScorpionSaver RP325: 12/03/13 11:17:06 PM - Revo Uninstaller's restore point - RegCure Pro . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 4500_G510gm_Help 4500_G510nz_Help 4500G510gm 4500G510gm_Software_Min 4500G510nz 4500G510nz_Software_Min 64 Bit HP CIO Components Installer ABBYY FineReader for ScanSnap 4.0 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.05) Advanced Audio FX Engine AirPort AOL Uninstaller (Choose which Products to Remove) Apple Application Support Apple Mobile Device Support Apple Software Update Banctec Service Agreement Bonjour Bonjour Print Services BufferChm Business Contact Manager for Outlook 2007 SP2 CameraHelperMsi CardMinder CardMinder V4.0 Conexant USB D400 V.92 Modem Consumer In-Home Service Agreement Cozi Crystal Reports Basic Runtime for Visual Studio 2008 D3DX10 Data Lifeguard Diagnostic for Windows DataMask by AOL Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Dock Dell Driver Download Manager Dell Edoc Viewer Dell Getting Started Guide Dell Support Center Dell Webcam Central Destinations DeviceDiscovery DocMgr DocProc Documents To Go Desktop for iPhone DriverUpdate Dropbox DW WLAN Card EDDI-7 eReg Fax Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 HP Customer Participation Program 13.0 hp deskjet 5550 series (Remove only) HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP Officejet 4500 G510g-m HP Officejet 4500 G510n-z hp print screen utility HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Update HPProductAssistant iCloud Intel® Graphics Media Accelerator Driver Intel® Management Engine Components iPhone Configuration Utility IrfanView (remove only) iTunes Java 7 Update 45 Java Auto Updater Java 6 Update 31 Junk Mail filter update Logitech SetPoint 6.61 Logitech Unifying Software 2.10 Logitech Vid HD Logitech Webcam Software LoJack Factory Installer LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS VideoEffects LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin Malwarebytes Anti-Malware version 1.75.0.1300 MarketResearch McAfee SecurityCenter Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Office 2000 Professional Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Accounting 2008 Microsoft Office Accounting 2008 Equifax Addin Microsoft Office Accounting 2008 Fixed Asset Manager Microsoft Office Accounting 2008 PayPal Addin Microsoft Office Accounting ADP Payroll Addin Microsoft Office Excel MUI (English) 2007 Microsoft Office Live Meeting 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mobile Partner MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Network64 OCR Software by I.R.I.S. 13.0 PowerDVD DX Quickset64 QuickTime Realtek High Definition Audio Driver Revo Uninstaller 1.95 Rosetta Stone Version 3 Roxio Burn RTC Client API v1.2 Safari Scan Scan to Microsoft SharePoint ScanSnap ScanSnap Manager Security Update for CAPICOM (KB931906) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition SentryBay Update Helper Shared C Run-time for x64 Skype™ 6.3 SmartWebPrinting SolutionCenter Status Synaptics Pointing Device Driver System Checkup 3.4 Toolbox TrayApp Uninstall AOL Emergency Connect Utility 1.0 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) WD Anywhere Backup WD Drive Manager (x64) WD SmartWare WebReg Webshots Desktop WIDCOMM Bluetooth Software Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Migration Assistant Yahoo! Messenger Zip Extractor Packages . ==== Event Viewer Messages From Past Week ======== . 12/05/13 7:05:18 AM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied.. 12/05/13 7:05:18 AM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The service has returned a service-specific error code. 12/05/13 7:04:15 AM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. 12/03/13 7:12:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. 12/03/13 7:08:34 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 12/03/13 7:07:40 PM, Error: Service Control Manager [7000] - The vToolbarUpdater17.1.3 service failed to start due to the following error: The system cannot find the file specified. 12/03/13 7:07:35 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 12/03/13 7:07:35 PM, Error: Service Control Manager [7000] - The iolo System Service service failed to start due to the following error: The system cannot find the file specified. 12/03/13 4:50:14 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 12/03/13 3:36:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Proxy Service service to connect. 12/03/13 3:36:08 PM, Error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 12/03/13 3:36:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Home Network service to connect. 12/03/13 3:36:07 PM, Error: Service Control Manager [7000] - The McAfee Home Network service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 12/03/13 10:17:46 AM, Error: Service Control Manager [7003] - The McAfee Proxy Service service depends the following service: MfeFire. This service might not be installed. 12/02/13 3:55:16 PM, Error: Service Control Manager [7034] - The vToolbarUpdater17.1.3 service terminated unexpectedly. It has done this 1 time(s). 11/29/13 10:42:22 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0826: Update for Windows 7 for x64-based Systems (KB2709981). 11/29/13 10:42:22 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070002: Update for Windows 7 for x64-based Systems (KB2592687). 11/29/13 10:29:58 AM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 11/28/13 12:36:46 AM, Error: Service Control Manager [7031] - The McAfee Anti-Malware Core service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. . ==== End Of File =========================== DDS.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2 Run by Debbie at 8:16:59 on 2013-12-05 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.1914 [GMT -6:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files\McAfee\MSC\McAPExe.exe C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe C:\Windows\system32\mfevtps.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe C:\Program Files (x86)\AOL\DataMask by AOL\epservice.exe C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Western Digital\WD SmartWare\WDFME.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\taskhost.exe C:\Program Files (x86)\AOL\DataMask by AOL\ep.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\PROGRA~2\Webshots\315~1.761\webshots.scr C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files (x86)\Common Files\aol\1283495046\ee\aolsoftware.exe C:\Users\Debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\Program Files (x86)\Safari\Safari.exe C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve mWinlogon: Userinit = userinit.exe, EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" StartupFolder: C:\Users\Debbie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Webshots.lnk - C:\Program Files (x86)\Webshots\3.1.5.7619\Launcher.exe StartupFolder: C:\Users\Debbie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_UNINS~1.LNK - C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: NameServer = 10.0.1.1 TCP: Interfaces\{DEF8C239-858D-49C5-BFDF-92BF434FE2C0} : DHCPNameServer = 10.0.1.1 TCP: Interfaces\{DEF8C239-858D-49C5-BFDF-92BF434FE2C0}\2456C6B696E6F5E4B2F5339393835343 : DHCPNameServer = 192.168.2.1 192.168.2.1 TCP: Interfaces\{DEF8C239-858D-49C5-BFDF-92BF434FE2C0}\2456C6B696E6F5E4F575962756C6563737F5141413145473 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{DEF8C239-858D-49C5-BFDF-92BF434FE2C0}\2656C6B696E6E2639323 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{DEF8C239-858D-49C5-BFDF-92BF434FE2C0}\3444350502255616C6543747164756 : DHCPNameServer = 172.16.42.1 TCP: Interfaces\{DEF8C239-858D-49C5-BFDF-92BF434FE2C0}\54E636C6166756022456C6B696E6 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{DEF8C239-858D-49C5-BFDF-92BF434FE2C0}\56E636C6166756B656973747F6E656 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{DEF8C239-858D-49C5-BFDF-92BF434FE2C0}\C696E6B6379737 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{EB3C3786-2687-48D1-A91F-6B79079133A9} : DHCPNameServer = 192.168.1.2 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: DataMask by AOL: {3955aa73-8c60-4a9b-acdb-0c2edb1b6748} - C:\Program Files (x86)\AOL\DataMask by AOL\epbho64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - x64-BHO: DataMask by AOL: {ff507020-a257-4527-a222-b6f5732e55ee} - C:\Program Files (x86)\AOL\DataMask by AOL\plbho64.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-9-24 782360] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-9-24 343696] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-7-12 55280] R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-10-21 46368] R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2013-9-20 30752] R2 EntryProtect;DataMask by AOL;C:\Program Files (x86)\AOL\DataMask by AOL\epservice.exe [2013-4-30 45896] R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-3 328928] R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-12-3 178048] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-3 328928] R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-3 328928] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-3 328928] R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe [2009-11-12 25824] R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-12-3 1017016] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-12-3 219272] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-12-3 182752] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-7-12 1692480] R2 WDFMEService;WDFMEService;C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [2011-8-1 1978256] R2 WDRulesService;WDRulesService;C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-8-1 1338256] R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2010-7-12 20984] R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-4-14 54824] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-7-12 35104] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-7-12 172704] R3 epfilter;epfilter;C:\Windows\System32\drivers\epfilter.sys [2012-5-26 21312] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-7-12 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-7-12 158720] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-7-12 271872] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-7-12 74280] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-9-24 311120] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-9-24 519576] R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-9-20 390552] R3 SaiH8000;SaiH8000;C:\Windows\System32\drivers\SaiH8000.sys [2008-4-4 178560] S2 0280411386215376mcinstcleanup;McAfee Application Installer Cleanup (0280411386215376);C:\Windows\TEMP\028041~1.EXE -cleanup -nolog --> C:\Windows\TEMP\028041~1.EXE -cleanup -nolog [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 ioloSystemService;iolo System Service;"C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" --> C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [?] S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-12-3 328928] S2 vToolbarUpdater17.1.3;vToolbarUpdater17.1.3;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [?] S3 acfva;acfva;C:\Windows\System32\drivers\ACFVA64.sys [2010-10-6 121856] S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-9-24 70112] S3 dgcfltr;DGC Filter Driver;C:\Windows\System32\drivers\ACFDCP64.sys [2010-10-6 35200] S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-12-3 197704] S3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\System32\drivers\ewusbdev.sys [2011-5-7 114304] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-27 111616] S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2013-5-23 77592] S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2013-5-23 13080] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-8-19 351136] S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-8-19 4869024] S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-9-20 95984] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-11-17 25072] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-12 232992] S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-10-28 16152] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-31 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-4 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2009-2-13 14464] S4 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-7-12 98208] S4 AGCoreService;AG Core Services;"C:\Program Files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe" --> C:\Program Files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe [?] S4 sbupdate;AOL Update Service (sbupdate);C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [2012-5-26 129904] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] S4 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848] S4 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-7-12 2320920] S4 WDBtnMgrSvc.exe;WD Drive Manager Service;C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2008-7-24 118272] S4 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 129536] S4 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480] . =============== Created Last 30 ================ . 2013-12-04 05:00:16 -------- d-----w- C:\Users\Debbie\AppData\Roaming\ParetoLogic 2013-12-04 05:00:16 -------- d-----w- C:\Users\Debbie\AppData\Roaming\DriverCure 2013-12-04 04:59:40 -------- d-----w- C:\ProgramData\ParetoLogic 2013-12-03 20:26:43 -------- d-----w- C:\_OTM 2013-12-03 18:32:49 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-12-03 18:32:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-03 17:28:23 -------- d-----w- C:\AdwCleaner 2013-12-03 17:07:41 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2013-12-03 16:19:41 197704 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys 2013-12-03 16:18:07 -------- d-----w- C:\Program Files (x86)\McAfee.com 2013-12-03 16:17:29 -------- d-----w- C:\Program Files\McAfee.com 2013-12-03 16:17:26 -------- d-----w- C:\Program Files (x86)\McAfee 2013-12-03 15:36:38 182752 ----a-w- C:\Windows\System32\mfevtps.exe 2013-11-29 14:16:36 -------- d-----w- C:\Windows\Migration 2013-11-29 06:25:45 -------- d-----w- C:\Users\Debbie\AppData\Roaming\Malwarebytes 2013-11-29 06:25:13 -------- d-----w- C:\ProgramData\Malwarebytes 2013-11-29 06:23:13 -------- d-----w- C:\Users\Debbie\AppData\Local\Programs 2013-11-29 05:22:45 -------- d-----w- C:\Users\Debbie\AppData\Roaming\McAFee TechCheck 2013-11-29 05:20:24 244416 ----a-w- C:\Windows\SysWow64\Msflxgrd.ocx 2013-11-29 05:20:24 203976 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX 2013-11-29 05:20:19 -------- d-----w- C:\Users\Debbie\AppData\Roaming\TechCheck 2013-11-28 15:50:07 -------- d-----w- C:\Program Files\Common Files\McAfee 2013-11-28 15:24:00 -------- d-----w- C:\Program Files\stinger 2013-11-28 03:51:01 -------- d-----w- C:\Program Files\iPod 2013-11-28 03:51:00 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-28 03:51:00 -------- d-----w- C:\Program Files\iTunes 2013-11-28 03:51:00 -------- d-----w- C:\Program Files (x86)\iTunes 2013-11-28 02:10:50 439296 ----a-w- C:\Windows\System32\AdpeakProxy64.dll 2013-11-28 02:10:47 338944 ----a-w- C:\Windows\SysWow64\AdpeakProxy.dll 2013-11-27 22:52:19 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-11-15 19:51:58 -------- d-----w- C:\bbc32f117dc597ff11b76deb 2013-11-15 02:49:39 1474048 ----a-w- C:\Windows\System32\crypt32.dll 2013-11-15 02:49:38 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-11-15 02:49:22 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-11-15 02:49:16 1930752 ----a-w- C:\Windows\System32\authui.dll 2013-11-15 02:49:15 197120 ----a-w- C:\Windows\System32\credui.dll 2013-11-15 02:49:15 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll 2013-11-15 02:49:15 1796096 ----a-w- C:\Windows\SysWow64\authui.dll 2013-11-15 02:49:14 168960 ----a-w- C:\Windows\SysWow64\credui.dll 2013-11-15 02:49:14 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll . ==================== Find3M ==================== . 2013-12-04 01:12:32 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys 2013-11-27 22:44:47 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-11-27 22:44:47 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-11-21 12:52:33 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys 2013-11-18 18:07:59 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys 2013-11-04 22:51:44 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys 2013-11-04 22:46:34 343696 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys 2013-11-04 22:43:04 782360 ----a-w- C:\Windows\System32\drivers\mfehidk.sys 2013-11-04 22:41:22 519576 ----a-w- C:\Windows\System32\drivers\mfefirek.sys 2013-11-04 22:40:00 311120 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys 2013-11-04 22:39:20 179792 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys 2013-10-20 15:31:16 17813896 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll 2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL 2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll 2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL 2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll 2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-09-25 02:25:24 182752 ----a-w- C:\Windows\System32\mfevtps.exe.82a7.deleteme 2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll 2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll 2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll 2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll 2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll 2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe 2013-09-20 15:38:30 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys 2013-09-20 15:38:14 95984 ----a-w- C:\Windows\System32\drivers\mfencrk.sys 2013-09-20 15:37:56 390552 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys 2013-09-17 15:29:48 30752 ----a-w- C:\Windows\System32\drivers\ElRawDsk.sys 2013-09-12 03:21:54 863344 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll 2013-09-12 03:21:54 501872 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll 2013-09-12 03:21:54 28776 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll 2013-09-12 03:21:54 18000 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll 2013-09-12 01:39:06 855664 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll 2013-09-12 01:39:06 614000 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll 2013-09-12 01:39:06 30312 ----a-w- C:\Windows\System32\aspnet_counters.dll 2013-09-12 01:39:06 18000 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll 2013-09-09 07:57:00 829264 ----a-w- C:\Windows\System32\msvcr100.dll 2013-09-09 07:57:00 608080 ----a-w- C:\Windows\System32\msvcp100.dll 2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll 2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll 2013-09-07 19:40:30 58696 ----a-w- C:\Windows\SysWow64\AOLParconLink.exe 2013-09-07 17:20:39 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2013-09-07 17:20:37 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2012-01-06 19:41:14 14848 ----a-w- C:\Program Files (x86)\EDDI7.vshost.exe 2012-01-06 19:40:06 10718208 ----a-w- C:\Program Files (x86)\EDDI7.exe 2012-01-06 19:40:04 71168 ----a-w- C:\Program Files (x86)\TRIBUTA_LN.DLL 2012-01-06 19:40:04 281600 ----a-w- C:\Program Files (x86)\TRIBUTA_EN.DLL 2012-01-06 19:40:04 17408 ----a-w- C:\Program Files (x86)\TRIBUTA_AD.DLL 2011-08-25 15:58:52 17920 ----a-w- C:\Program Files (x86)\Microsoft.VisualStudio.HostingProcess.Utilities.Sync.dll 2011-04-05 17:23:52 18702336 ----a-w- C:\Program Files (x86)\CRRedist2008_x86.exe 2011-02-19 03:54:14 3518464 ----a-w- C:\Program Files (x86)\itextsharp.DLL . ============= FINISH: 8:18:10.62 ===============

Kevin, I am new to this, as this is my first virus. Is that last post for me or am I confusing things by writing on this forum? May I start a new forum with you? If so, how do I do that? If you want me to also 'clean up' my computer, I have done so much downloading and stuff I've gotten confused. What is FRST? I'm not sure I used that program. debbie