dcw182

December 11, 2013

check out our vacation rentals on our VRBO's at www.vrbo.com/167560 for our two-bedroom villa or

www.vrbo.com/84676 for our studio by the beach. I can be reached at deb@costadelsol-cr.net.

Comment you helped me with my computer virus and we will give you a deal.

Thanks so very much for putting up with me and my ignorance. You are awesome!

deb

December 11, 2013

Everything is deleted and so I guess I shall run a normal day tomorrow and see what happens. I can't thank you enough! Come to Costa Rica, Dominical, we have wonderful vacation properties and will give you a good deal for taking such good care of me! Can I post how you can contact me or our website?

December 11, 2013

I'm not sure what you mean by this, what files do you want to delete?? I have a lot of files that are not program files but are related to running the programs. Notebook and folders of misc. Can I delete all this and only keep my Malwarebytes?

You need an anti-virus (you have McAfee at the present time) and Malwarebytes Do I need two? And how good is McAfee?

I am SO appreciative of all you have done for me and malwarebytes org I am happy to buy the Pro. Obviously you know your stuff. Do I need this? And if I do, then do I disable my McAfee?

December 11, 2013

I miss understood that part when I read it......that big word, "or"

Everything went smoothly and now I need to know how to delete the other programs. Just right click and delete or is there a better way?

I see these programs in my program file I am unsure of and have today's date on them as being installed, and I can uninstall. Should these been uninstalled?

Advanced Audio FX Engine

Realtek High Definition Audio Driver

Revo Uninstaler 1.95

And another question for you: Should I delete all the other files I have accumulated over all this repair process and just go with the Pro Malwarebytes to keep me secure?

I hope I am making sense here. Hard to convey what I mean in words sometimes.

deb

December 10, 2013

I was able to uninstall the Java 6 file.

Thank you for the info on WD, I will be installing Pro version of Malwarebytes.

Things were going too smoothly.....

I did use combofix and downloaded it to my desktop. It's in a zip file. Inside the zip file is the exe file that it will not allow me to rename it.

I do not show combofix in my windows uninstall list.

When I do the windows logo key + R I get the window that windows can't find it.

Now what?

December 10, 2013

Yep, it appears we are finally getting there! When I downloaded the Security Check, McAfee Security immediately quarantined a file called: Artemis!32F2448BF194 (Trojan) This stopped the SecurityCheck from downloading completely. I turned McAfee off and redownloaded.

Also it appears I have the McAfee Anti-Virus and Anti-Spyware AND the Windows Defender running. Is this not good to have two running at the same time? I'm not that thrilled, as I got a virus and I had McAfee. Recommendations?

Results of screen317's Security Check version 0.99.77

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 11

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

McAfee Anti-Virus and Anti-Spyware

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.75.0.1300

Java 6 Update 31

Java 7 Update 45

Adobe Flash Player 11.9.900.152

Adobe Reader XI

````````Process Check: objlist.exe by Laurent````````

mcafee VIRUSS~1 mcvsmap.exe

mcafee VIRUSS~1 mcvsshld.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 1%

````````````````````End of Log``````````````````````

December 10, 2013

# AdwCleaner v3.014 - Report created 10/12/2013 at 10:51:15

# Updated 01/12/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Debbie - DEBBIE-DELL

# Running from : C:\Users\Debbie\Desktop\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v

[ File : C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [36566 octets] - [03/12/2013 11:29:08]

AdwCleaner[R1].txt - [1002 octets] - [03/12/2013 15:11:03]

AdwCleaner[R2].txt - [1403 octets] - [05/12/2013 22:57:13]

AdwCleaner[R3].txt - [1241 octets] - [10/12/2013 10:45:26]

AdwCleaner[s0].txt - [35657 octets] - [03/12/2013 11:50:46]

AdwCleaner[s1].txt - [1063 octets] - [03/12/2013 15:12:27]

AdwCleaner[s2].txt - [1435 octets] - [05/12/2013 23:04:10]

AdwCleaner[s3].txt - [1163 octets] - [10/12/2013 10:51:15]

########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [1223 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.12.10.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16428

Debbie :: DEBBIE-DELL [administrator]

12/10/13 11:09:57 AM

MBAM-log-2013-12-10 (12-59-02).txt

Scan type: Full scan (C:\|)

Scan options disabled: P2P

Objects scanned: 465340

Time elapsed: 1 hour(s), 37 minute(s), 1 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy (PUP.Optional.ScorpionSaver) -> No action taken.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe.vir (Adware.AdPeak) -> No action taken.

C:\AdwCleaner\Quarantine\C\Windows\System32\ljkb\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> No action taken.

(end)

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.12.10.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16428

Debbie :: DEBBIE-DELL [administrator]

12/10/13 11:09:57 AM

mbam-log-2013-12-10 (11-09-57).txt

Scan type: Full scan (C:\|)

Scan options disabled: P2P

Objects scanned: 465340

Time elapsed: 1 hour(s), 37 minute(s), 1 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe.vir (Adware.AdPeak) -> Quarantined and deleted successfully.

C:\AdwCleaner\Quarantine\C\Windows\System32\ljkb\lmrn.dll.vir (PUP.Optional.Sweetpacks) -> Quarantined and deleted successfully.

(end)

December 10, 2013

It worked!

ComboFix 13-12-08.01 - Debbie 12/09/13 22:02:44.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.1981 [GMT -6:00]

Running from: c:\users\Debbie\AppData\Local\Temp\Temp1_ComboFix.zip\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files (x86)\CRRedist2008_x86.exe

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\bootstrap.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\defaults\preferences\prefs.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\page-mod.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\private-browsing.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\request.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\addon-kit\lib\windows.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\addon\runner.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\api-utils.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\base64.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\byte-streams.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\collection.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\content-proxy.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\content-worker.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\loader.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\symbiont.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\content\worker.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\cortex.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\cuddlefish.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\deprecate.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\dom\events.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\environment.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\errors.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event\core.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\event\target.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\events\assembler.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\file.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\functional.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\globals.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\heritage.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\hidden-frame.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\core.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\html.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\loader.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\locale.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\l10n\prefs.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\light-traits.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\list.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\loader.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\match-pattern.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\memory.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\namespace.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\observer-service.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\plain-text-console.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\preferences-service.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\private-browsing\utils.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\promise.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\querystring.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\runtime.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\sandbox.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\self.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\system\events.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\events.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\observer.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\tab.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\tabs\utils.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\text-streams.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\timer.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traceback.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\traits\core.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\unload.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\url.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\data.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\object.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\registry.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\utils\thumbnail.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\uuid.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window-utils.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\window\utils.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\dom.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\loader.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\observer.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\windows\tabs.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xhr.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xpcom.js

c:\users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\extensions\ScorpionSaver@jetpack\resources\api-utils\lib\xul-app.js

c:\windows\PFRO.log

.

((((((((((((((((((((((((( Files Created from 2013-11-10 to 2013-12-10 )))))))))))))))))))))))))))))))

.

2013-12-10 04:13 . 2013-12-10 04:13 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-12-10 04:09 . 2013-12-10 04:09 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3091C3C-2D9B-47B5-BDF5-CBF7D08BA74B}\offreg.dll

2013-12-09 00:22 . 2013-11-18 07:28 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3091C3C-2D9B-47B5-BDF5-CBF7D08BA74B}\mpengine.dll

2013-12-07 04:34 . 2013-12-10 01:56 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-12-07 04:34 . 2013-12-10 01:17 117464 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2013-12-07 04:31 . 2013-12-10 01:16 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-12-06 18:05 . 2013-12-10 01:04 -------- d-----w- C:\FRST

2013-12-03 20:26 . 2013-12-03 20:26 -------- d-----w- C:\_OTM

2013-12-03 18:32 . 2013-04-04 20:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-12-03 18:32 . 2013-12-03 18:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-12-03 17:28 . 2013-12-06 05:04 -------- d-----w- C:\AdwCleaner

2013-12-03 17:07 . 2013-12-03 17:07 -------- d-----w- c:\program files (x86)\VS Revo Group

2013-12-03 16:19 . 2013-09-23 19:49 197704 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2013-12-03 16:17 . 2013-12-03 16:17 -------- d-----w- c:\program files\McAfee.com

2013-12-03 16:17 . 2013-12-06 07:37 -------- d-----w- c:\program files (x86)\McAfee

2013-12-03 15:36 . 2013-11-04 22:46 182752 ----a-w- c:\windows\system32\mfevtps.exe

2013-11-29 14:16 . 2013-11-29 14:16 -------- d-----w- c:\windows\Migration

2013-11-29 06:25 . 2013-11-29 06:25 -------- d-----w- c:\users\Debbie\AppData\Roaming\Malwarebytes

2013-11-29 06:25 . 2013-11-29 06:25 -------- d-----w- c:\programdata\Malwarebytes

2013-11-29 06:23 . 2013-11-29 06:23 -------- d-----w- c:\users\Debbie\AppData\Local\Programs

2013-11-29 05:22 . 2013-11-29 05:22 -------- d-----w- c:\users\Debbie\AppData\Roaming\McAFee TechCheck

2013-11-29 05:20 . 2000-05-22 07:00 244416 ----a-w- c:\windows\SysWow64\Msflxgrd.ocx

2013-11-29 05:20 . 2000-05-22 07:00 203976 ----a-w- c:\windows\SysWow64\RICHTX32.OCX

2013-11-29 05:20 . 2013-11-29 05:24 -------- d-----w- c:\users\Debbie\AppData\Roaming\TechCheck

2013-11-28 15:50 . 2013-12-03 16:18 -------- d-----w- c:\program files\Common Files\McAfee

2013-11-28 15:24 . 2013-11-28 15:31 -------- d-----w- c:\program files\stinger

2013-11-28 03:51 . 2013-11-28 03:51 -------- d-----w- c:\program files\iPod

2013-11-28 03:51 . 2013-11-28 03:53 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-28 03:51 . 2013-11-28 03:52 -------- d-----w- c:\program files\iTunes

2013-11-28 03:51 . 2013-11-28 03:52 -------- d-----w- c:\program files (x86)\iTunes

2013-11-28 02:10 . 2013-10-16 16:18 439296 ----a-w- c:\windows\system32\AdpeakProxy64.dll

2013-11-27 23:04 . 2013-10-15 00:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE

2013-11-27 22:52 . 2013-11-27 22:52 -------- d-----w- c:\program files (x86)\Common Files\Java

2013-11-27 22:52 . 2013-11-27 22:52 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-11-15 19:51 . 2013-11-15 19:58 -------- d-----w- C:\bbc32f117dc597ff11b76deb

2013-11-15 02:49 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll

2013-11-15 02:49 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-11-15 02:49 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys

2013-11-15 02:49 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll

2013-11-15 02:49 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll

2013-11-15 02:49 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll

2013-11-15 02:49 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\SysWow64\authui.dll

2013-11-15 02:49 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll

2013-11-15 02:49 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-12-10 02:21 . 2013-10-29 03:27 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys

2013-11-27 22:44 . 2012-04-10 05:46 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-11-27 22:44 . 2012-03-14 21:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-11-21 12:52 . 2013-10-22 05:15 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys

2013-11-19 09:33 . 2010-09-03 06:14 267936 ------w- c:\windows\system32\MpSigStub.exe

2013-11-18 18:07 . 2013-08-08 03:53 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2013-11-07 22:00 . 2010-09-05 00:05 82896128 ----a-w- c:\windows\system32\MRT.exe

2013-11-04 22:51 . 2013-09-25 02:29 70112 ----a-w- c:\windows\system32\drivers\cfwids.sys

2013-11-04 22:46 . 2013-09-25 02:25 343696 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2013-11-04 22:43 . 2013-09-25 02:22 782360 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2013-11-04 22:41 . 2013-09-25 02:21 519576 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2013-11-04 22:40 . 2013-09-25 02:20 311120 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2013-11-04 22:39 . 2013-09-25 02:19 179792 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2013-10-20 15:31 . 2013-10-20 15:31 17813896 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2013-09-25 02:25 . 2013-10-09 05:42 182752 ----a-w- c:\windows\system32\mfevtps.exe.82a7.deleteme

2013-09-20 15:38 . 2013-09-20 15:38 10856 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys

2013-09-20 15:38 . 2013-09-20 15:38 95984 ----a-w- c:\windows\system32\drivers\mfencrk.sys

2013-09-20 15:37 . 2013-09-20 15:37 390552 ----a-w- c:\windows\system32\drivers\mfencbdc.sys

2013-09-17 15:29 . 2013-09-21 04:39 30752 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys

2013-09-12 03:21 . 2013-09-12 03:21 863344 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll

2013-09-12 03:21 . 2013-09-12 03:21 501872 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll

2013-09-12 03:21 . 2013-09-12 03:21 28776 ----a-w- c:\windows\SysWow64\aspnet_counters.dll

2013-09-12 03:21 . 2013-09-12 03:21 18000 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll

2013-09-12 01:39 . 2013-09-12 01:39 855664 ----a-w- c:\windows\system32\msvcr110_clr0400.dll

2013-09-12 01:39 . 2013-09-12 01:39 614000 ----a-w- c:\windows\system32\msvcp110_clr0400.dll

2013-09-12 01:39 . 2013-09-12 01:39 30312 ----a-w- c:\windows\system32\aspnet_counters.dll

2013-09-12 01:39 . 2013-09-12 01:39 18000 ----a-w- c:\windows\system32\msvcr100_clr0400.dll

2012-01-06 19:41 . 2012-01-06 19:41 14848 ----a-w- c:\program files (x86)\EDDI7.vshost.exe

2012-01-06 19:40 . 2012-01-06 19:40 10718208 ----a-w- c:\program files (x86)\EDDI7.exe

2012-01-06 19:40 . 2012-01-06 19:40 71168 ----a-w- c:\program files (x86)\TRIBUTA_LN.DLL

2012-01-06 19:40 . 2012-01-06 19:40 281600 ----a-w- c:\program files (x86)\TRIBUTA_EN.DLL

2012-01-06 19:40 . 2012-01-06 19:40 17408 ----a-w- c:\program files (x86)\TRIBUTA_AD.DLL

2011-08-25 15:58 . 2011-08-25 15:58 17920 ----a-w- c:\program files (x86)\Microsoft.VisualStudio.HostingProcess.Utilities.Sync.dll

2011-02-19 03:54 . 2011-02-19 03:54 3518464 ----a-w- c:\program files (x86)\itextsharp.DLL

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 130736 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 130736 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 130736 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]

"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-14 559616]

.

c:\users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Webshots.lnk - c:\program files (x86)\Webshots\3.1.5.7619\Launcher.exe /t [2010-9-4 157088]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk /p \??\F:\0autocheck autochk *

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [x]

R2 vToolbarUpdater17.1.3;vToolbarUpdater17.1.3;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x]

R3 acfva;acfva;c:\windows\system32\DRIVERS\ACFVA64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFVA64.sys [x]

R3 dgcfltr;DGC Filter Driver;c:\windows\system32\DRIVERS\ACFDCP64.sys;c:\windows\SYSNATIVE\DRIVERS\ACFDCP64.sys [x]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]

R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]

R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]

R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]

R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]

R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]

R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]

R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]

R4 AGCoreService;AG Core Services;c:\program files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe;c:\program files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe [x]

R4 sbupdate;AOL Update Service (sbupdate);c:\program files (x86)\SentryBay\Update\SentryBayUpdate.exe;c:\program files (x86)\SentryBay\Update\SentryBayUpdate.exe [x]

R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R4 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]

R4 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

R4 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [x]

R4 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]

R4 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]

S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys;c:\windows\SYSNATIVE\drivers\ElRawDsk.sys [x]

S2 EntryProtect;DataMask by AOL;c:\program files (x86)\AOL\DataMask by AOL\epservice.exe;c:\program files (x86)\AOL\DataMask by AOL\epservice.exe [x]

S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]

S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]

S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]

S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe;c:\program files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe [x]

S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]

S2 WDFMEService;WDFMEService;c:\program files\Western Digital\WD SmartWare\WDFME.exe;c:\program files\Western Digital\WD SmartWare\WDFME.exe [x]

S2 WDRulesService;WDRulesService;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [x]

S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]

S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]

S3 epfilter;epfilter;c:\windows\system32\drivers\epfilter.sys;c:\windows\SYSNATIVE\drivers\epfilter.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]

S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]

S3 SaiH8000;SaiH8000;c:\windows\system32\DRIVERS\SaiH8000.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH8000.sys [x]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - epinject

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2013-12-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 22:44]

.

2013-12-10 c:\windows\Tasks\DriverUpdate Startup.job

- c:\program files (x86)\DriverUpdate\DriverUpdate.exe [2013-06-22 21:26]

.

2013-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 06:52]

.

2013-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-02 06:52]

.

2013-09-29 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]

.

2013-12-10 c:\windows\Tasks\SentryBayUpdateTaskMachineCore.job

- c:\program files (x86)\SentryBay\Update\SentryBayUpdate.exe [2012-05-27 04:57]

.

2013-12-10 c:\windows\Tasks\SentryBayUpdateTaskMachineUA.job

- c:\program files (x86)\SentryBay\Update\SentryBayUpdate.exe [2012-05-27 04:57]

.

2014-09-26 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\Debbie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 3091224]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 10.0.1.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

c:\users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk - c:\users\Debbie\AppData\Local\Temp\_uninst_05648578.bat

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

WebBrowser-{8413196D-E290-4418-B5C6-A3B1379A909C} - (no file)

WebBrowser-{F999A48B-1950-4D81-9971-79018F807B4B} - (no file)

AddRemove-{2857dbef-0b50-361c-8690-7d505747009f} - c:\program files (x86)\AGI\core\4.2.0.10753\InstallerGUI.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]

"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-12-09 22:18:39

ComboFix-quarantined-files.txt 2013-12-10 04:18

.

Pre-Run: 156,617,891,840 bytes free

Post-Run: 156,508,192,768 bytes free

.

- - End Of File - - 9C919F3D0CB787CFE140D2F107E58C6F

December 10, 2013

I downloaded ComboFix.exe and right at the end of the download my McAfee program said it quarantined a Trojan. I have disabled my firewall on McAfee before running this. And when I went to open the ComboFix.exe file it says "Safari can't show the file because it has moved since you downloaded it."

now what?

December 10, 2013

without screwing up this time? I will try!

December 10, 2013

By George I think we got it!!

RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.adlice.com/forum/

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Debbie [Admin rights]

Mode : Scan -- Date : 12/09/2013 20:49:36

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤

[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND

[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 1 ¤¤¤

[Debbie][sUSP PATH] _uninst_05648578.lnk : C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk @C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat [-][x] -> FOUND

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545032B9A300 +++++

--- User ---

[MBR] 5ea7e81eaf591d3ec1f78e1d30874d01

[bSP] b7b3eb14adfd50ca04b936abaf85fbb5 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[0]_S_12092013_204936.txt >>

December 10, 2013

Touché! I deserved that. And speaking of restoring and bringing back in the virus......does this mean my passport, external backup, is virused too? I disconnected it about two weeks ago, suspecting trouble and have not used it since. Do I dare plug it in and try to recapture files off of it?

I followed your directions above and the reports are below. In my first scan of mbar.exe, it showed I had no malware and no cleanup was necessary. So I skipped the second scan.

At the end of all this my internet is working fine, my updates are current and my McAfee firewall is on.

=======================================

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-12-2013

Ran by Debbie at 2013-12-09 19:04:26 Run:2

Running from C:\Users\Debbie\Downloads

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)

*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update* => Value deleted successfully.

==== End of Fixlog ====

Malwarebytes Anti-Rootkit BETA 1.07.0.1008

www.malwarebytes.org

Database version: v2013.12.09.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16428

Debbie :: DEBBIE-DELL [administrator]

12/09/13 7:17:48 PM

mbar-log-2013-12-09 (19-17-48).txt

Scan type: Quick scan

Scan options disabled:

Objects scanned: 258187

Time elapsed: 33 minute(s), 52 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

Physical Sectors Detected: 0

(No malicious items detected)

(end)

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1008

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16428

Java version: 1.6.0_31

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 2.261000 GHz

Memory total: 4081606656, free: 1941450752

Downloaded database version: v2013.12.09.08

Downloaded database version: v2013.10.11.02

=======================================

Initializing...

------------ Kernel report ------------

12/09/2013 19:17:42

------------ Loaded modules -----------

\SystemRoot\system32\ntoskrnl.exe

\SystemRoot\system32\hal.dll

\SystemRoot\system32\kdcom.dll

\SystemRoot\system32\mcupdate_GenuineIntel.dll

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\CLFS.SYS

\SystemRoot\system32\CI.dll

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\system32\drivers\ACPI.sys

\SystemRoot\system32\drivers\WMILIB.SYS

\SystemRoot\system32\drivers\msisadrv.sys

\SystemRoot\system32\drivers\pci.sys

\SystemRoot\system32\drivers\vdrvroot.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\system32\DRIVERS\compbatt.sys

\SystemRoot\system32\DRIVERS\BATTC.SYS

\SystemRoot\system32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\system32\DRIVERS\iaStor.sys

\SystemRoot\system32\drivers\amdxata.sys

\SystemRoot\system32\drivers\fltmgr.sys

\SystemRoot\system32\drivers\fileinfo.sys

\SystemRoot\system32\drivers\mfehidk.sys

\SystemRoot\System32\Drivers\PxHlpa64.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\System32\Drivers\msrpc.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\System32\Drivers\cng.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\system32\drivers\mfewfpk.sys

\SystemRoot\system32\drivers\volsnap.sys

\SystemRoot\System32\Drivers\spldr.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\drivers\hwpolicy.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\system32\DRIVERS\disk.sys

\SystemRoot\system32\DRIVERS\CLASSPNP.SYS

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\??\C:\Windows\system32\drivers\avgtpx64.sys

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\drivers\VIDEOPRT.SYS

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\system32\drivers\rdpencdd.sys

\SystemRoot\system32\drivers\rdprefmp.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\system32\drivers\ws2ifsl.sys

\SystemRoot\system32\DRIVERS\wfplwf.sys

\SystemRoot\system32\DRIVERS\pacer.sys

\SystemRoot\system32\DRIVERS\vwififlt.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\drivers\termdd.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\system32\drivers\mssmbios.sys

\??\C:\Windows\system32\drivers\ElRawDsk.sys

\SystemRoot\System32\drivers\discache.sys

\SystemRoot\System32\Drivers\dfsc.sys

\SystemRoot\system32\DRIVERS\blbdrive.sys

\SystemRoot\system32\DRIVERS\tunnel.sys

\SystemRoot\system32\DRIVERS\igdkmd64.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\dxgmms1.sys

\SystemRoot\system32\DRIVERS\HECIx64.sys

\SystemRoot\system32\drivers\usbehci.sys

\SystemRoot\system32\drivers\USBPORT.SYS

\SystemRoot\system32\drivers\HDAudBus.sys

\SystemRoot\system32\DRIVERS\bcmwl664.sys

\SystemRoot\system32\DRIVERS\vwifibus.sys

\SystemRoot\system32\DRIVERS\L1C62x64.sys

\SystemRoot\system32\drivers\i8042prt.sys

\??\C:\Windows\system32\drivers\epfilter.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\SynTP.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\Impcd.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\drivers\wmiacpi.sys

\SystemRoot\system32\DRIVERS\CmBatt.sys

\SystemRoot\system32\drivers\CompositeBus.sys

\SystemRoot\system32\DRIVERS\AgileVpn.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\rassstp.sys

\SystemRoot\system32\DRIVERS\bcmvwl64.sys

\SystemRoot\system32\DRIVERS\wanatw64.sys

\SystemRoot\system32\drivers\swenum.sys

\SystemRoot\system32\drivers\ks.sys

\SystemRoot\system32\DRIVERS\umbus.sys

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\drivers\RTKVHD64.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\drivers\ksthunk.sys

\SystemRoot\system32\DRIVERS\IntcDAud.sys

\SystemRoot\system32\drivers\mfeavfk.sys

\SystemRoot\system32\drivers\mfefirek.sys

\SystemRoot\system32\DRIVERS\mfencbdc.sys

\SystemRoot\system32\DRIVERS\usbccgp.sys

\SystemRoot\System32\Drivers\usbvideo.sys

\SystemRoot\system32\DRIVERS\CtClsFlt.sys

\SystemRoot\System32\Drivers\crashdmp.sys

\SystemRoot\System32\Drivers\dump_iaStor.sys

\SystemRoot\System32\Drivers\dump_dumpfve.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\system32\DRIVERS\LHidFilt.Sys

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\LMouFilt.Sys

\SystemRoot\system32\DRIVERS\kbdhid.sys

\SystemRoot\system32\DRIVERS\SaiH8000.sys

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\cdd.dll

\SystemRoot\system32\drivers\luafv.sys

\SystemRoot\system32\DRIVERS\lltdio.sys

\SystemRoot\system32\DRIVERS\nwifi.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\DRIVERS\rspndr.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\system32\DRIVERS\vwifimp.sys

\SystemRoot\system32\DRIVERS\ACFSDK64.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\system32\drivers\mfeapfk.sys

\SystemRoot\System32\Drivers\secdrv.SYS

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\system32\DRIVERS\ACFXAU64.sys

\??\C:\Program Files (x86)\AOL\DataMask by AOL\epinject64.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\SystemRoot\system32\drivers\cfwids.sys

\SystemRoot\system32\DRIVERS\asyncmac.sys

\SystemRoot\system32\DRIVERS\monitor.sys

\SystemRoot\system32\drivers\WudfPf.sys

\SystemRoot\system32\drivers\btusbflt.sys

\SystemRoot\System32\Drivers\BTHUSB.sys

\SystemRoot\System32\Drivers\bthport.sys

\SystemRoot\system32\DRIVERS\rfcomm.sys

\SystemRoot\system32\drivers\BthEnum.sys

\SystemRoot\system32\DRIVERS\bthpan.sys

\SystemRoot\system32\DRIVERS\btwavdt.sys

\SystemRoot\system32\drivers\btwaudio.sys

\SystemRoot\system32\DRIVERS\btwl2cap.sys

\SystemRoot\system32\DRIVERS\btwrchid.sys

\??\C:\Windows\system32\drivers\mbamchameleon.sys

\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys

\Windows\System32\ntdll.dll

\Windows\System32\smss.exe

\Windows\System32\apisetschema.dll

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8004c66060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IAAStorageDevice-1\

Lower Device Object: 0xfffffa800493e050

Lower Device Driver Name: \Driver\iaStor\

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8004c66060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8004ada9d0, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8004c66060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800493e050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 7188B833

Partition information:

Partition 0 type is Other (0xde)

Partition is NOT ACTIVE.

Partition starts at LBA: 2048 Numsec = 204800

Partition 1 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 206848 Numsec = 30720000

Partition file system is NTFS

Partition is bootable

Partition 2 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 30926848 Numsec = 594213552

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 320072933376 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...

Done!

Scan finished

=======================================

Removal queue found; removal started

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_206848_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...

Removal finished

December 9, 2013

This is crazy. How am I getting infected? I am not a surfer, nor do I open up attachments unless I confirm from the sender they are good. Or is this a past one still lurking? Thanks so much for your patience! I Already had the Farbar Recovery on my computer, so I ran another scan from that.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2013

Ran by Debbie (administrator) on DEBBIE-DELL on 09-12-2013 13:03:36

Running from C:\Users\Debbie\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe

(Memeo) C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe

(AOL) C:\Program Files (x86)\AOL\DataMask by AOL\epservice.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

(AOL) C:\Program Files (x86)\AOL\DataMask by AOL\ep.exe

(AOL) C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe

(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDFME.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

(Webshots.com) C:\Program Files (x86)\Webshots\3.1.5.7619\Webshots.scr

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)

HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-13] (Dell)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)

HKCU\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)

MountPoints2: E - E:\LaunchU3.exe -a

MountPoints2: H - H:\LaunchU3.exe -a

MountPoints2: {056b6265-78ff-11e0-be3b-c44619fd34a2} - E:\AutoRun.exe

MountPoints2: {056b6270-78ff-11e0-be3b-c44619fd34a2} - E:\AutoRun.exe

MountPoints2: {056b627d-78ff-11e0-be3b-c44619fd34a2} - E:\AutoRun.exe

MountPoints2: {097a27df-6baf-11e0-b9c1-c44619fd34a2} - E:\AutoRun.exe

MountPoints2: {097a2803-6baf-11e0-b9c1-c44619fd34a2} - E:\AutoRun.exe

MountPoints2: {2e3ae15a-f82f-11e0-9a34-c44619fd34a2} - "E:\WD SmartWare.exe" autoplay=true

MountPoints2: {3a03f7dd-6df0-11e0-9c28-00038a000015} - E:\AutoRun.exe

MountPoints2: {3a03f7e9-6df0-11e0-9c28-00038a000015} - E:\AutoRun.exe

MountPoints2: {4c86b20b-ea9e-11df-aca7-00038a000015} - "E:\WD SmartWare.exe" autoplay=true

MountPoints2: {a6b050e8-3bac-11e1-9810-c44619fd34a2} - H:\LaunchU3.exe -a

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)

HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)

Startup: C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk

ShortcutTarget: Webshots.lnk -> C:\Program Files (x86)\Webshots\3.1.5.7619\Launcher.exe (Webshots.com)

Startup: C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_05648578.lnk

ShortcutTarget: _uninst_05648578.lnk -> C:\Users\Debbie\AppData\Local\Temp\_uninst_05648578.bat (No File)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)

BootExecute: autocheck autochk /p \??\F:autocheck autochk *

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://kolbi.msn.com/?rd=1&ucc=CR&dcc=CR&opt=0

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x760B2275FDECCE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =

SearchScopes: HKCU - {907C29F0-1F7C-41DE-B59B-CF7830BD034C} URL =

BHO: DataMask by AOL - {3955aa73-8c60-4a9b-acdb-0c2edb1b6748} - C:\Program Files (x86)\AOL\DataMask by AOL\epbho64.dll (AOL)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File

BHO: DataMask by AOL - {ff507020-a257-4527-a222-b6f5732e55ee} - C:\Program Files (x86)\AOL\DataMask by AOL\plbho64.dll (AOL)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

Toolbar: HKCU - No Name - {8413196D-E290-4418-B5C6-A3B1379A909C} - No File

Toolbar: HKCU - No Name - {F999A48B-1950-4D81-9971-79018F807B4B} - No File

DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab

DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File

Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File

Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)

Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

FireFox:

========

FF ProfilePath: C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default

FF Keyword.URL: user_pref("keyword.URL", "");

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()

FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @update.sentrybay.com/SentryBay Update;version=8 - C:\Program Files (x86)\SentryBay\Update\1.0.0.7621\npSentryBayOneClick8.dll (AOL)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Extension: No Name - C:\Users\Debbie\AppData\Roaming\Mozilla\Firefox\Profiles\cenagysq.default\Extensions\ScorpionSaver@jetpack

FF HKLM\...\Firefox\Extensions: [sss@sentrybay.com] - C:\Program Files (x86)\AOL\DataMask by AOL\ffext

FF Extension: DataMask by AOL - C:\Program Files (x86)\AOL\DataMask by AOL\ffext

FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF HKLM-x32\...\Firefox\Extensions: [sss@sentrybay.com] - C:\Program Files (x86)\AOL\DataMask by AOL\ffext

FF Extension: DataMask by AOL - C:\Program Files (x86)\AOL\DataMask by AOL\ffext

FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:

=======

CHR HKLM-x32\...\Chrome\Extension: [bjaehcnihbogidpfieaepehilfecnodk] - C:\Program Files (x86)\AOL\DataMask by AOL\phishlock.crx

CHR HKLM-x32\...\Chrome\Extension: [kochbcmingebnmbcpbbpfpmipakoipge] - C:\Program Files (x86)\AOL\DataMask by AOL\phishlock.crx

==================== Services (Whitelisted) =================

R2 EntryProtect; C:\Program Files (x86)\AOL\DataMask by AOL\epservice.exe [45896 2013-04-30] (AOL)

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-09-24] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)

R2 MemeoBackgroundService; C:\Program Files (x86)\WD\WD Anywhere Backup\MemeoBackgroundService.exe [25824 2009-11-12] (Memeo)

R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)

S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)

S4 sbupdate; C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [129904 2012-05-26] (AOL)

S4 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [118272 2008-07-24] (WDC)

R2 WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [1978256 2011-08-01] (Western Digital )

R2 WDRulesService; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [1338256 2011-08-01] (Western Digital )

S4 XAudioService; C:\Windows\system32\DRIVERS\ACFXAU64.exe [410624 2007-05-09] (Conexant Systems, Inc.)

S4 AGCoreService; "C:\Program Files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe" [x]

S2 ioloSystemService; "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [x]

S2 vToolbarUpdater17.1.3; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

S3 acfva; C:\Windows\System32\DRIVERS\ACFVA64.sys [121856 2007-04-26] (Conexant Systems Inc.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-21] (AVG Technologies)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)

S3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP64.sys [35200 2007-05-09] (Conexant Systems, Inc.)

R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-09-17] (EldoS Corporation)

R3 epfilter; C:\Windows\system32\drivers\epfilter.sys [21312 2013-08-12] (SentryBay)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)

R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)

S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)

R3 SaiH8000; C:\Windows\System32\DRIVERS\SaiH8000.sys [178560 2008-04-04] (Saitek)

S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-12-09] ()

R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2007-05-09] (Conexant Systems, Inc.)

U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)

S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-08 23:45 - 2013-12-08 23:46 - 00000000 ____D C:\Users\Debbie\Desktop\HOA Acctg

2013-12-08 21:21 - 2013-12-08 23:40 - 00000000 ____D C:\Users\Debbie\Desktop\RK reports

2013-12-08 18:30 - 2013-12-08 18:30 - 04166144 _____ C:\Users\Debbie\Downloads\RogueKillerX64.exe

2013-12-06 22:34 - 2013-12-08 08:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-12-06 22:34 - 2013-12-06 23:27 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2013-12-06 22:31 - 2013-12-06 23:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2013-12-06 22:30 - 2013-12-08 08:21 - 00000000 ____D C:\Users\Debbie\Desktop\mbar

2013-12-06 22:29 - 2013-12-08 08:21 - 00000000 ____D C:\Users\Debbie\Desktop\Malwarbytes Anti-Rootkit

2013-12-06 22:28 - 2013-12-06 22:29 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Debbie\Downloads\mbar-1.07.0.1007.exe

2013-12-06 12:06 - 2013-12-06 12:17 - 00033569 _____ C:\Users\Debbie\Downloads\Addition.txt

2013-12-06 12:05 - 2013-12-09 13:03 - 00018152 _____ C:\Users\Debbie\Downloads\FRST.txt

2013-12-06 12:05 - 2013-12-08 08:21 - 00000000 ____D C:\FRST

2013-12-06 12:04 - 2013-12-06 12:04 - 01925820 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64.exe

2013-12-06 01:37 - 2013-12-09 07:33 - 00000448 _____ C:\Windows\setupact.log

2013-12-06 01:37 - 2013-12-06 01:37 - 00000000 _____ C:\Windows\setuperr.log

2013-12-05 23:02 - 2013-12-08 08:21 - 00000000 ____D C:\Users\Debbie\Desktop\Scorpion Forum clean up reports

2013-12-05 08:15 - 2013-12-05 08:15 - 00688992 ____R (Swearware) C:\Users\Debbie\Downloads\dds.scr

2013-12-03 22:59 - 2013-12-03 22:59 - 00002722 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task

2013-12-03 22:55 - 2013-12-03 22:55 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Debbie\Downloads\Repair-tool.exe

2013-12-03 21:35 - 2013-12-03 21:37 - 22791896 _____ (Microsoft Corporation) C:\Users\Debbie\Downloads\Windows-KB890830-x64-V5.6.exe

2013-12-03 17:59 - 2013-12-03 18:49 - 00000000 ____D C:\Users\Debbie\Downloads\myuninst

2013-12-03 17:58 - 2013-12-03 17:58 - 00046124 _____ C:\Users\Debbie\Downloads\myuninst.zip

2013-12-03 16:14 - 2013-12-03 16:19 - 00015066 _____ C:\Users\Debbie\Downloads\SystemLook.txt

2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\_OTM

2013-12-03 14:11 - 2013-12-03 14:11 - 00522240 _____ (OldTimer Tools) C:\Users\Debbie\Downloads\OTM.exe

2013-12-03 12:42 - 2013-12-03 12:42 - 00165376 _____ C:\Users\Debbie\Downloads\SystemLook_x64.exe

2013-12-03 12:32 - 2013-12-03 12:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-03 12:32 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-12-03 12:29 - 2013-12-03 12:30 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1-1.75.0.1300.exe

2013-12-03 11:28 - 2013-12-05 23:04 - 00000000 ____D C:\AdwCleaner

2013-12-03 11:27 - 2013-12-03 11:27 - 01110034 _____ C:\Users\Debbie\Downloads\AdwCleaner.exe

2013-12-03 11:07 - 2013-12-03 11:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group

2013-12-03 10:19 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys

2013-12-03 10:18 - 2013-12-03 10:18 - 00000000 ____D C:\Program Files (x86)\McAfee.com

2013-12-03 10:17 - 2013-12-06 01:37 - 00000000 ____D C:\Program Files (x86)\McAfee

2013-12-03 10:17 - 2013-12-03 10:17 - 00000000 ____D C:\Program Files\McAfee.com

2013-12-03 09:36 - 2013-11-04 16:46 - 00182752 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe

2013-12-03 09:26 - 2013-12-03 09:36 - 05131824 _____ (McAfee, Inc.) C:\Users\Debbie\Downloads\McAfeeSetup-Serial.exe

2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Malwarebytes

2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-11-29 00:22 - 2013-11-29 00:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-28 23:22 - 2013-11-28 23:22 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\McAFee TechCheck

2013-11-28 23:20 - 2013-11-28 23:24 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\TechCheck

2013-11-28 23:20 - 2000-05-22 01:00 - 00244416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Msflxgrd.ocx

2013-11-28 23:20 - 2000-05-22 01:00 - 00203976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX

2013-11-28 09:50 - 2013-12-03 10:18 - 00000000 ____D C:\Program Files\Common Files\McAfee

2013-11-28 09:24 - 2013-11-28 09:31 - 00000000 ____D C:\Program Files\stinger

2013-11-28 06:27 - 2013-11-28 06:27 - 00002004 _____ C:\Users\Debbie\Desktop\Workout List 8-7-13 - Shortcut.lnk

2013-11-27 21:51 - 2013-11-27 21:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-27 21:51 - 2013-11-27 21:52 - 00000000 ____D C:\Program Files\iTunes

2013-11-27 21:51 - 2013-11-27 21:52 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-11-27 21:51 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files\iPod

2013-11-27 20:10 - 2013-10-16 10:18 - 00439296 _____ (Adpeak, Inc.) C:\Windows\system32\AdpeakProxy64.dll

2013-11-27 17:04 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2013-11-27 17:01 - 2013-11-27 17:01 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-11-27 17:01 - 2013-11-27 17:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-11-27 17:01 - 2013-11-27 17:01 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-11-27 17:01 - 2013-11-27 17:01 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-11-27 17:01 - 2013-11-27 17:01 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-11-27 17:01 - 2013-11-27 17:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-11-27 17:01 - 2013-11-27 17:01 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-11-27 17:01 - 2013-11-27 17:01 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-11-27 17:01 - 2013-11-27 17:01 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-11-27 17:01 - 2013-11-27 17:01 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-11-27 17:01 - 2013-11-27 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-11-27 17:01 - 2013-11-27 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-11-27 17:01 - 2013-11-27 17:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-11-27 16:58 - 2013-11-27 17:04 - 00007514 _____ C:\Windows\IE11_main.log

2013-11-27 16:52 - 2013-11-27 16:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-11-27 16:52 - 2013-11-27 16:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-11-25 22:20 - 2013-11-25 22:20 - 00006148 ____H C:\Users\Public\.DS_Store

2013-11-19 16:35 - 2013-11-27 08:02 - 00002429 _____ C:\Users\Debbie\Desktop\Scott's Weight - Shortcut.lnk

2013-11-15 13:51 - 2013-11-15 13:58 - 00000000 ____D C:\bbc32f117dc597ff11b76deb

2013-11-14 20:49 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2013-11-14 20:49 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-11-14 20:49 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2013-11-14 20:49 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2013-11-14 20:49 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2013-11-14 20:49 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2013-11-14 20:49 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2013-11-14 20:49 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2013-11-14 20:49 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2013-11-14 20:48 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2013-11-14 20:48 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2013-11-14 20:48 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2013-11-14 20:48 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2013-11-14 20:48 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2013-11-14 20:48 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2013-11-14 20:48 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2013-11-14 20:48 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2013-11-14 20:48 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2013-11-14 20:48 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2013-11-14 20:48 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2013-11-14 20:48 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2013-11-14 20:48 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2013-11-14 20:48 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2013-11-14 20:48 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2013-11-14 20:48 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2013-11-14 20:48 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2013-11-14 20:48 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2013-11-14 20:48 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2013-11-14 20:48 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2013-11-14 20:48 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

==================== One Month Modified Files and Folders =======

2014-09-26 09:28 - 2011-03-26 10:05 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher

2014-09-26 09:12 - 2011-03-26 10:05 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job

2014-09-26 09:07 - 2011-03-26 10:05 - 00003456 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest

2014-09-26 08:57 - 2011-03-26 10:05 - 00004276 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

2013-12-09 13:04 - 2013-12-06 12:05 - 00018152 _____ C:\Users\Debbie\Downloads\FRST.txt

2013-12-09 13:02 - 2012-05-26 22:57 - 00000892 _____ C:\Windows\Tasks\SentryBayUpdateTaskMachineUA.job

2013-12-09 12:39 - 2011-10-02 00:53 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-12-09 12:31 - 2012-04-09 23:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-12-09 08:38 - 2011-10-02 00:53 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-12-09 08:32 - 2009-07-13 23:10 - 01076493 _____ C:\Windows\WindowsUpdate.log

2013-12-09 07:45 - 2009-07-13 22:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-12-09 07:45 - 2009-07-13 22:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-12-09 07:36 - 2013-10-28 21:27 - 00002848 _____ C:\Windows\System32\Tasks\DriverUpdate Startup

2013-12-09 07:36 - 2013-10-28 21:27 - 00000420 _____ C:\Windows\Tasks\DriverUpdate Startup.job

2013-12-09 07:34 - 2013-10-28 21:27 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys

2013-12-09 07:34 - 2012-05-26 22:57 - 00000888 _____ C:\Windows\Tasks\SentryBayUpdateTaskMachineCore.job

2013-12-09 07:34 - 2010-09-02 22:31 - 00000000 ____D C:\Users\Debbie\AppData\Local\SoftThinks

2013-12-09 07:34 - 2010-07-12 18:50 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks

2013-12-09 07:34 - 2010-07-12 18:50 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks

2013-12-09 07:34 - 2010-07-12 18:34 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup

2013-12-09 07:33 - 2013-12-06 01:37 - 00000448 _____ C:\Windows\setupact.log

2013-12-09 07:33 - 2011-04-23 15:18 - 00065536 _____ C:\Windows\system32\Ikeext.etl

2013-12-09 07:33 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-12-09 07:32 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\tracing

2013-12-09 00:02 - 2011-10-03 02:09 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Dropbox

2013-12-08 23:59 - 2011-10-03 02:13 - 00000000 ___RD C:\Users\Debbie\Dropbox

2013-12-08 23:46 - 2013-12-08 23:45 - 00000000 ____D C:\Users\Debbie\Desktop\HOA Acctg

2013-12-08 23:40 - 2013-12-08 21:21 - 00000000 ____D C:\Users\Debbie\Desktop\RK reports

2013-12-08 21:38 - 2009-07-13 23:13 - 00852936 _____ C:\Windows\system32\PerfStringBackup.INI

2013-12-08 18:30 - 2013-12-08 18:30 - 04166144 _____ C:\Users\Debbie\Downloads\RogueKillerX64.exe

2013-12-08 10:13 - 2012-04-19 12:37 - 00000000 ____D C:\Users\Debbie\AppData\Local\BCE66ED4-FCC7-4397-B8C3-53BA4963CEE9.aplzod

2013-12-08 08:33 - 2011-10-02 00:53 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-12-08 08:33 - 2011-10-02 00:53 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-12-08 08:27 - 2010-09-02 22:31 - 00000000 ____D C:\Users\Debbie

2013-12-08 08:21 - 2013-12-06 22:34 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-12-08 08:21 - 2013-12-06 22:30 - 00000000 ____D C:\Users\Debbie\Desktop\mbar

2013-12-08 08:21 - 2013-12-06 22:29 - 00000000 ____D C:\Users\Debbie\Desktop\Malwarbytes Anti-Rootkit

2013-12-08 08:21 - 2013-12-06 12:05 - 00000000 ____D C:\FRST

2013-12-08 08:21 - 2013-12-05 23:02 - 00000000 ____D C:\Users\Debbie\Desktop\Scorpion Forum clean up reports

2013-12-08 08:21 - 2013-09-18 01:20 - 00000000 ____D C:\Users\Debbie\Desktop\CDSP Troy Mac servers

2013-12-08 08:21 - 2013-02-12 13:58 - 00000000 ____D C:\Users\Debbie\Desktop\Labels

2013-12-08 08:21 - 2010-09-04 04:25 - 00000000 ___SD C:\Users\Debbie\Documents\My ScanSnap

2013-12-08 08:21 - 2009-07-14 01:44 - 00000000 ___RD C:\Users\Public\Recorded TV

2013-12-08 08:21 - 2009-07-13 23:32 - 00000000 ____D C:\Program Files\Windows Defender

2013-12-08 08:21 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF

2013-12-08 08:21 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration

2013-12-08 08:21 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\AppCompat

2013-12-07 03:33 - 2013-10-17 12:26 - 00000000 ____D C:\Users\Debbie\Desktop\Photos to file into folders

2013-12-06 23:27 - 2013-12-06 22:34 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2013-12-06 23:26 - 2013-12-06 22:31 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2013-12-06 23:18 - 2010-07-12 20:00 - 00362322 _____ C:\Windows\PFRO.log

2013-12-06 23:18 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\Speech

2013-12-06 22:29 - 2013-12-06 22:28 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Debbie\Downloads\mbar-1.07.0.1007.exe

2013-12-06 12:17 - 2013-12-06 12:06 - 00033569 _____ C:\Users\Debbie\Downloads\Addition.txt

2013-12-06 12:04 - 2013-12-06 12:04 - 01925820 _____ (Farbar) C:\Users\Debbie\Downloads\FRST64.exe

2013-12-06 01:37 - 2013-12-06 01:37 - 00000000 _____ C:\Windows\setuperr.log

2013-12-06 01:37 - 2013-12-03 10:17 - 00000000 ____D C:\Program Files (x86)\McAfee

2013-12-05 23:04 - 2013-12-03 11:28 - 00000000 ____D C:\AdwCleaner

2013-12-05 08:15 - 2013-12-05 08:15 - 00688992 ____R (Swearware) C:\Users\Debbie\Downloads\dds.scr

2013-12-03 22:59 - 2013-12-03 22:59 - 00002722 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task

2013-12-03 22:55 - 2013-12-03 22:55 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Debbie\Downloads\Repair-tool.exe

2013-12-03 21:37 - 2013-12-03 21:35 - 22791896 _____ (Microsoft Corporation) C:\Users\Debbie\Downloads\Windows-KB890830-x64-V5.6.exe

2013-12-03 18:49 - 2013-12-03 17:59 - 00000000 ____D C:\Users\Debbie\Downloads\myuninst

2013-12-03 17:58 - 2013-12-03 17:58 - 00046124 _____ C:\Users\Debbie\Downloads\myuninst.zip

2013-12-03 16:19 - 2013-12-03 16:14 - 00015066 _____ C:\Users\Debbie\Downloads\SystemLook.txt

2013-12-03 15:34 - 2012-08-21 13:52 - 00000000 ____D C:\ProgramData\McAfee

2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\_OTM

2013-12-03 14:11 - 2013-12-03 14:11 - 00522240 _____ (OldTimer Tools) C:\Users\Debbie\Downloads\OTM.exe

2013-12-03 12:50 - 2011-02-12 00:07 - 00000000 ____D C:\Program Files (x86)\Safari

2013-12-03 12:42 - 2013-12-03 12:42 - 00165376 _____ C:\Users\Debbie\Downloads\SystemLook_x64.exe

2013-12-03 12:33 - 2013-12-03 12:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-03 12:30 - 2013-12-03 12:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1-1.75.0.1300.exe

2013-12-03 11:27 - 2013-12-03 11:27 - 01110034 _____ C:\Users\Debbie\Downloads\AdwCleaner.exe

2013-12-03 11:07 - 2013-12-03 11:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group

2013-12-03 10:19 - 2013-10-08 23:57 - 00000000 ____D C:\Program Files\McAfee

2013-12-03 10:18 - 2013-12-03 10:18 - 00000000 ____D C:\Program Files (x86)\McAfee.com

2013-12-03 10:18 - 2013-11-28 09:50 - 00000000 ____D C:\Program Files\Common Files\McAfee

2013-12-03 10:17 - 2013-12-03 10:17 - 00000000 ____D C:\Program Files\McAfee.com

2013-12-03 09:36 - 2013-12-03 09:26 - 05131824 _____ (McAfee, Inc.) C:\Users\Debbie\Downloads\McAfeeSetup-Serial.exe

2013-11-29 16:54 - 2013-09-29 21:28 - 00000000 ____D C:\Users\Debbie\Desktop\Rental Statements

2013-11-29 13:17 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache

2013-11-29 10:30 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-11-29 08:19 - 2010-09-04 16:48 - 00842006 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

2013-11-29 00:32 - 2013-10-22 00:17 - 00000095 _____ C:\Users\Debbie\AppData\Roaming\WB.CFG

2013-11-29 00:32 - 2009-08-20 00:17 - 00000006 _____ C:\Users\Debbie\AppData\Roaming\WBPU-TTL.DAT

2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Malwarebytes

2013-11-29 00:25 - 2013-11-29 00:25 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-11-29 00:23 - 2013-11-29 00:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Debbie\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-28 23:24 - 2013-11-28 23:20 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\TechCheck

2013-11-28 23:22 - 2013-11-28 23:22 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\McAFee TechCheck

2013-11-28 09:31 - 2013-11-28 09:24 - 00000000 ____D C:\Program Files\stinger

2013-11-28 06:27 - 2013-11-28 06:27 - 00002004 _____ C:\Users\Debbie\Desktop\Workout List 8-7-13 - Shortcut.lnk

2013-11-27 21:53 - 2013-11-27 21:51 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-27 21:52 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files\iTunes

2013-11-27 21:52 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-11-27 21:51 - 2013-11-27 21:51 - 00000000 ____D C:\Program Files\iPod

2013-11-27 21:35 - 2010-09-02 22:31 - 00000000 ___RD C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-11-27 19:03 - 2010-09-02 22:37 - 00001415 _____ C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-27 17:04 - 2013-11-27 16:58 - 00007514 _____ C:\Windows\IE11_main.log