Here is the FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Dave (administrator) on DAVE-PC on 04-06-2014 15:18:48
Running from C:\Users\Dave\Downloads
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\Mcshield.exe
(McAfee, Inc.) C:\Program Files\McAfee\MPF\MpfSrv.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSK\msksrver.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco NAC Agent\NACAgent.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco NAC Agent\NACAgentUI.exe
() C:\Users\Dave\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
() C:\Users\Dave\AppData\Local\MRS\winsystem.exe
() C:\Users\Dave\AppData\Local\MRS\svcsystem.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcmscsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcsysmon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Google Inc.) C:\Program Files\Google\Gmail Notifier\gnotify.exe
() C:\Program Files\Logitech\QuickCam\Quickcam.exe
(D-Link Corporation) C:\Program Files\D-Link\SharePort\SharePort Network USB Utility.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(AOL LLC) C:\Program Files\AIM6\aim6.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
(Spotify Ltd) C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Spotify Ltd) C:\Users\Dave\AppData\Roaming\Spotify\spotify.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
() C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(AOL LLC) C:\Program Files\AIM6\aolsoftware.exe
() C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(The Privoxy team - www.privoxy.org) C:\Program Files\MRS\pvx\privoxy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-10-27] (Dell Inc.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-01-28] (Google)
HKLM\...\Run: [mcagent_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [645328 2009-01-08] (McAfee, Inc.)
HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2007-12-21] (CyberLink Corp.)
HKLM\...\Run: [dellsupportcenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)
HKLM\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] => C:\Program Files\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13543968 2008-06-09] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2008-06-09] (NVIDIA Corporation)
HKLM\...\Run: [NVHotkey] => C:\Windows\system32\nvHotkey.dll [96800 2008-06-09] (NVIDIA Corporation)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\QuickCam\Quickcam.exe [2656528 2008-12-20] ()
HKLM\...\Run: [D-Link Network USB Utility] => C:\Program Files\D-Link\SharePort\SharePort Network USB Utility.exe [2605312 2008-12-26] (D-Link Corporation)
HKLM\...\Run: [OM2_Monitor] => C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [54672 2009-11-25] (OLYMPUS IMAGING CORP.)
HKLM\...\Run: [CarboniteSetupLite] => C:\Program Files\Carbonite\CarbonitePreinstaller.exe [283792 2010-03-09] (Carbonite, Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2010-07-12] (Nullsoft, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [ROC_roc_dec12] => "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
HKLM\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
HKLM\...\Run: [NACAgentUI] => C:\Program Files\Cisco\Cisco NAC Agent\NACAgentUI.exe [593880 2012-05-24] (Cisco Systems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [sigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (IDT, Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-01-28] (Google Inc.)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [Aim6] => C:\Program Files\AIM6\aim6.exe [49968 2009-07-09] (AOL LLC)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [OM2_Monitor] => C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [95632 2009-11-25] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [Orb] => C:\Program Files\Winamp Remote\bin\OrbTray.exe [507904 2008-03-31] (Orb Networks)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [spotify Web Helper] => C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-19] (Spotify Ltd)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3549528 2013-09-13] (Electronic Arts)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [spotify] => C:\Users\Dave\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-19] (Spotify Ltd)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [Facebook Update] => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-20] (Facebook Inc.)
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\MountPoints2: {1773bff4-f62d-11e1-bb93-0023aeb49a32} - F:\TL-Bootstrap.exe
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\MountPoints2: {1773c028-f62d-11e1-bb93-0023aeb49a32} - F:\TL-Bootstrap.exe
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\MountPoints2: {68552873-cb0e-11df-b27f-0023aeb49a32} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\ClickMe.exe
HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\MountPoints2: {c167e9fa-ed75-11dd-87e4-806e6f6e6963} - E:\SETUP.EXE -autorun
HKU\S-1-5-21-910741185-1763553365-2663291245-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-910741185-1763553365-2663291245-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Winlogon: [shell] C:\Windows\eHome\McrMgr.exe [173056 2009-04-11] (Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: c:\progra~1\suptab\search~1.dll => c:\progra~1\suptab\search~1.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk
ShortcutTarget: Epson all-in-one Registration.lnk -> E:\Common\EpsonReg\EPS2.exe (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1401755165&from=irs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXEX08TU4132U4132&i=psd&t=34382dd27&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1401755165&from=irs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXEX08TU4132U4132&i=psd&t=34382dd27&q={searchTerms}
URLSearchHook: HKLM - AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
URLSearchHook: HKCU - AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - DefaultScope {47AD7A66-2030-4BF5-A384-D0393375BDDB} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7
SearchScopes: HKCU - {47AD7A66-2030-4BF5-A384-D0393375BDDB} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={CA65EF01-EBDC-4CF3-8B8A-D95D08382349}&mid=3bd339ccd02981e460482666ec8b2752-f7cf5aabd559603c7a471e390cbaf2a9c3e18e48&lang=us&ds=AVG&pr=&d=2012-02-18 23:47:43&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {AE73B74A-703D-4C29-A851-431BD1F3B306} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=w3i&hsimp=yhs-geneiotransfer&type=W3i_IA,206,0_0,StartPage,20120102,18482,0,0,6434&p={searchTerms}
BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\mskapbho.dll ()
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll No File
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - AIM Toolbar - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
Toolbar: HKCU - Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Dave\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Dave\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dave\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKCU\...\Firefox\Extensions: [moveplayer@movenetworks.com] - C:\Users\Dave\AppData\Roaming\Move Networks
FF Extension: Move Media Player - C:\Users\Dave\AppData\Roaming\Move Networks [2009-09-05]

Chrome:
=======
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-04]
CHR Extension: (Google Wallet) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]

========================== Services (Whitelisted) =================

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-24] (Stardock Corporation)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-16] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-10] (SEIKO EPSON CORPORATION)
S3 GoogleDesktopManager-092308-165331; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-01-28] (Google)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\McAfee\MSC\mcmscsvc.exe [797864 2009-01-08] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [2482848 2009-01-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [365072 2009-01-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe [359952 2009-01-09] (McAfee, Inc.)
R2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [144704 2009-01-09] (McAfee, Inc.)
R3 McSysmon; C:\Program Files\McAfee\VirusScan\mcsysmon.exe [606736 2009-01-09] (McAfee, Inc.)
R2 MpfService; C:\Program Files\McAfee\MPF\MPFSrv.exe [884360 2009-01-09] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\McAfee\MSK\MskSrver.exe [26640 2009-01-09] (McAfee, Inc.)
R2 NACAgent; C:\Program Files\Cisco\Cisco NAC Agent\NACAgent.exe [1259480 2012-05-24] (Cisco Systems, Inc.)
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-10-04] (SupportSoft, Inc.)
R2 SystemUpdatekb70007; C:\Users\Dave\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe [29184 2014-05-29] ()
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-10-27] (Dell Inc.)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]

==================== Drivers (Whitelisted) ====================

R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-10-27] (Broadcom Corporation)
R3 DlinkUDSMBus; C:\Windows\System32\Drivers\DlinkUDSMBus.sys [74624 2008-11-11] (Windows ® Codename Longhorn DDK provider)
S3 DlinkUDSTcpBus; C:\Windows\System32\Drivers\DlinkUDSTcpBus.sys [97664 2008-11-11] (Windows ® Codename Longhorn DDK provider)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2008-12-16] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79304 2009-01-09] (McAfee, Inc.)
R3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35272 2009-01-09] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [213640 2009-01-09] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34216 2009-01-09] (McAfee, Inc.)
R3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-01-09] (McAfee, Inc.)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [130424 2008-10-23] (McAfee, Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\Dnetr28u.sys [735232 2009-08-03] (Ralink Technology Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-04 15:08 - 2014-06-04 15:17 - 00016994 _____ () C:\Users\Dave\Downloads\Addition.txt
2014-06-04 15:03 - 2014-06-04 15:19 - 00028628 _____ () C:\Users\Dave\Downloads\FRST.txt
2014-06-04 15:03 - 2014-06-04 15:19 - 00000000 ____D () C:\FRST
2014-06-04 14:58 - 2014-06-04 14:58 - 01059840 _____ (Farbar) C:\Users\Dave\Downloads\FRST.exe
2014-06-04 13:47 - 2014-06-04 13:49 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-04 13:44 - 2014-06-04 13:44 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-04 13:44 - 2014-05-12 07:35 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-04 13:44 - 2014-05-12 07:35 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-04 13:44 - 2014-05-12 07:35 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-04 13:39 - 2014-06-04 13:40 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup.exe
2014-06-03 13:39 - 2014-06-03 13:39 - 00000000 ____D () C:\Program Files\ESET
2014-06-03 13:38 - 2014-06-03 13:38 - 02347384 _____ (ESET) C:\Users\Dave\Downloads\esetsmartinstaller_enu.exe
2014-06-03 13:16 - 2014-06-03 13:16 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Dave\Downloads\tdsskiller.exe
2014-06-03 13:01 - 2014-06-03 13:01 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-03 13:01 - 2014-06-03 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-03 13:00 - 2014-06-04 15:05 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-03 13:00 - 2014-06-04 13:26 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-03 12:55 - 2014-06-03 12:55 - 00442892 _____ () C:\Users\Dave\Documents\bookmarks_6_3_14.html
2014-06-02 22:25 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-06-02 20:32 - 2014-06-02 20:32 - 00000000 ____D () C:\Program Files\predm
2014-06-02 20:28 - 2014-06-03 20:01 - 00000000 ____D () C:\Users\Dave\AppData\Local\MRS
2014-06-02 20:28 - 2014-06-02 20:28 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\MRS
2014-06-02 20:28 - 2014-06-02 20:28 - 00000000 ____D () C:\Program Files\MRS
2014-06-02 20:26 - 2014-06-03 19:59 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-02 20:26 - 2014-06-03 19:59 - 00000000 ____D () C:\Program Files\SupTab
2014-06-02 20:26 - 2014-06-02 20:30 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-06-02 20:26 - 2014-06-02 20:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-02 20:26 - 2014-06-02 20:26 - 00000000 ____D () C:\Users\Administrator
2014-06-02 20:25 - 2014-06-02 20:25 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\wi_upd
2014-06-02 20:13 - 2014-06-03 13:03 - 00000000 ____D () C:\Users\Dave\Documents\Optimizer Pro
2014-06-02 20:13 - 2014-06-02 20:13 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-02 20:07 - 2014-06-04 14:46 - 00000000 ____D () C:\temp
2014-06-02 20:07 - 2014-06-02 20:15 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-06-02 20:04 - 2014-06-03 19:59 - 00000000 ____D () C:\Program Files\003
2014-06-02 20:04 - 2014-06-02 20:04 - 00000000 _____ () C:\END
2014-06-02 20:02 - 2014-06-03 02:07 - 00000000 ____D () C:\Program Files\globalUpdate
2014-06-02 20:02 - 2014-06-02 20:02 - 00000000 ____D () C:\Users\Dave\AppData\Local\globalUpdate
2014-06-02 19:58 - 2014-06-02 19:58 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\OpenCandy
2014-06-02 19:56 - 2014-06-02 20:37 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\uTorrent
2014-05-23 13:27 - 2014-05-23 13:27 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-23 13:18 - 2014-05-05 19:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-23 13:18 - 2014-05-05 19:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-23 13:18 - 2014-05-05 19:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 23:00 - 2014-03-25 09:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

==================== One Month Modified Files and Folders =======

2014-06-04 15:21 - 2009-02-04 19:48 - 00000000 ____D () C:\Users\Dave\AppData\Local\Temp
2014-06-04 15:19 - 2014-06-04 15:03 - 00028628 _____ () C:\Users\Dave\Downloads\FRST.txt
2014-06-04 15:19 - 2014-06-04 15:03 - 00000000 ____D () C:\FRST
2014-06-04 15:17 - 2014-06-04 15:08 - 00016994 _____ () C:\Users\Dave\Downloads\Addition.txt
2014-06-04 15:10 - 2011-08-03 20:13 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Spotify
2014-06-04 15:05 - 2014-06-03 13:00 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 15:02 - 2013-03-05 21:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 15:02 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 15:02 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 14:58 - 2014-06-04 14:58 - 01059840 _____ (Farbar) C:\Users\Dave\Downloads\FRST.exe
2014-06-04 14:46 - 2014-06-02 20:07 - 00000000 ____D () C:\temp
2014-06-04 14:26 - 2013-11-20 00:21 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-910741185-1763553365-2663291245-1000UA.job
2014-06-04 13:49 - 2014-06-04 13:47 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-04 13:44 - 2014-06-04 13:44 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-04 13:40 - 2014-06-04 13:39 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup.exe
2014-06-04 13:37 - 2009-01-28 16:00 - 01720489 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 13:32 - 2013-01-26 11:03 - 00000000 ____D () C:\Program Files\Origin
2014-06-04 13:31 - 2013-09-18 09:37 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Dropbox
2014-06-04 13:29 - 2009-02-05 23:44 - 00027744 _____ () C:\ProgramData\nvModes.001
2014-06-04 13:28 - 2009-01-28 22:28 - 00068353 _____ () C:\Windows\system32\Config.MPF
2014-06-04 13:26 - 2014-06-03 13:00 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 13:26 - 2012-10-11 15:48 - 00000408 _____ () C:\Windows\Tasks\PC Optimizer Pro startups.job
2014-06-04 13:26 - 2009-02-05 23:44 - 00027744 _____ () C:\ProgramData\nvModes.dat
2014-06-04 13:26 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 13:24 - 2006-11-02 09:01 - 00032520 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-03 20:01 - 2014-06-02 20:28 - 00000000 ____D () C:\Users\Dave\AppData\Local\MRS
2014-06-03 19:59 - 2014-06-02 20:26 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-03 19:59 - 2014-06-02 20:26 - 00000000 ____D () C:\Program Files\SupTab
2014-06-03 19:59 - 2014-06-02 20:04 - 00000000 ____D () C:\Program Files\003
2014-06-03 18:19 - 2009-07-19 18:05 - 00000556 ____H () C:\Windows\Tasks\Norton Security Scan for Dave.job
2014-06-03 13:39 - 2014-06-03 13:39 - 00000000 ____D () C:\Program Files\ESET
2014-06-03 13:38 - 2014-06-03 13:38 - 02347384 _____ (ESET) C:\Users\Dave\Downloads\esetsmartinstaller_enu.exe
2014-06-03 13:19 - 2008-01-20 22:47 - 00099288 _____ () C:\Windows\PFRO.log
2014-06-03 13:16 - 2014-06-03 13:16 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Dave\Downloads\tdsskiller.exe
2014-06-03 13:03 - 2014-06-02 20:13 - 00000000 ____D () 
C:\Users\Dave\Documents\Optimizer Pro2014-06-03 13:01 - 2014-06-03 13:01 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-06-03 13:01 - 2014-06-03 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-06-03 13:01 - 2009-01-28 22:24 - 00000000 ____D () C:\Program Files\Google2014-06-03 13:00 - 2009-07-30 00:55 - 00000000 ____D () C:\Users\Dave\AppData\Local\Deployment2014-06-03 12:58 - 2009-02-04 19:52 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google2014-06-03 12:55 - 2014-06-03 12:55 - 00442892 _____ () C:\Users\Dave\Documents\bookmarks_6_3_14.html2014-06-03 12:50 - 2006-11-02 06:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI2014-06-03 02:42 - 2013-04-14 22:50 - 00000000 ____D () C:\Program Files\7-Zip2014-06-03 02:28 - 2009-02-04 21:06 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Apple Computer2014-06-03 02:07 - 2014-06-02 20:02 - 00000000 ____D () C:\Program Files\globalUpdate2014-06-02 23:26 - 2013-11-20 00:21 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-910741185-1763553365-2663291245-1000Core.job2014-06-02 21:38 - 2012-10-11 15:48 - 00000436 _____ () C:\Windows\Tasks\PC Optimizer Pro Updates.job2014-06-02 20:37 - 2014-06-02 19:56 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\uTorrent2014-06-02 20:36 - 2011-09-28 23:46 - 00000951 _____ () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-06-02 20:32 - 2014-06-02 20:32 - 00000000 ____D () C:\Program Files\predm2014-06-02 20:30 - 2014-06-02 20:26 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-06-02 20:28 - 2014-06-02 20:28 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\MRS2014-06-02 20:28 - 2014-06-02 20:28 - 00000000 ____D () C:\Program Files\MRS2014-06-02 20:26 - 2014-06-02 20:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google2014-06-02 20:26 - 2014-06-02 20:26 - 00000000 ____D () C:\Users\Administrator2014-06-02 20:25 - 2014-06-02 
20:25 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\wi_upd2014-06-02 20:15 - 2014-06-02 20:07 - 00000000 ____D () C:\Program Files\Optimizer Pro2014-06-02 20:13 - 2014-06-02 20:13 - 00000000 ____D () C:\ProgramData\TEMP2014-06-02 20:04 - 2014-06-02 20:04 - 00000000 _____ () C:\END2014-06-02 20:03 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Resources2014-06-02 20:02 - 2014-06-02 20:02 - 00000000 ____D () C:\Users\Dave\AppData\Local\globalUpdate2014-06-02 19:58 - 2014-06-02 19:58 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\OpenCandy2014-06-02 10:03 - 2011-08-03 20:13 - 00000000 ____D () C:\Users\Dave\AppData\Local\Spotify2014-06-01 01:00 - 2009-01-28 22:26 - 00000348 _____ () C:\Windows\Tasks\McQcTask.job2014-05-23 22:16 - 2009-02-04 21:01 - 00000000 ____D () C:\Program Files\Full Tilt Poker.Net2014-05-23 18:33 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET2014-05-23 13:39 - 2013-10-21 09:42 - 00000000 ____D () C:\Windows\system32\MRT2014-05-23 13:28 - 2006-11-02 06:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe2014-05-23 13:27 - 2014-05-23 13:27 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER2014-05-23 13:27 - 2009-02-05 14:56 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-05-23 13:03 - 2009-03-23 18:53 - 00000680 _____ () C:\Users\Dave\AppData\Local\d3d9caps.dat2014-05-18 15:03 - 2009-02-04 21:02 - 00000000 ____D () C:\Users\Dave\AppData\Local\FullTiltPoker.NET2014-05-15 00:59 - 2009-01-28 22:26 - 00000356 _____ () C:\Windows\Tasks\McDefragTask.job2014-05-14 02:02 - 2013-03-05 21:06 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe2014-05-14 02:02 - 2011-07-07 01:26 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl2014-05-12 07:35 - 2014-06-04 13:44 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-05-12 07:35 - 2014-06-04 13:44 - 00051928 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\mwac.sys2014-05-12 07:35 - 2014-06-04 13:44 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-05-05 19:32 - 2014-05-23 13:18 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-05 19:14 - 2014-05-23 13:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-05 19:14 - 2014-05-23 13:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll Some content of TEMP:====================C:\Users\Dave\AppData\Local\Temp\AutoRun.exeC:\Users\Dave\AppData\Local\Temp\AutoRunGUI.dllC:\Users\Dave\AppData\Local\Temp\CarboniteSetupLiteSunPreinstaller.exeC:\Users\Dave\AppData\Local\Temp\CommonInstaller.exeC:\Users\Dave\AppData\Local\Temp\contentDATs.exeC:\Users\Dave\AppData\Local\Temp\First15.exeC:\Users\Dave\AppData\Local\Temp\IeSearchProvider.exeC:\Users\Dave\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\mpengine.dllC:\Users\Dave\AppData\Local\Temp\mssinstaller.exeC:\Users\Dave\AppData\Local\Temp\NewsFeed[0].dllC:\Users\Dave\AppData\Local\Temp\NewsFeed[1].dllC:\Users\Dave\AppData\Local\Temp\NewsFeed[2].dllC:\Users\Dave\AppData\Local\Temp\NewsFeed[3].dllC:\Users\Dave\AppData\Local\Temp\NewsFeed[4].dllC:\Users\Dave\App
Data\Local\Temp\NewsFeed[5].dllC:\Users\Dave\AppData\Local\Temp\ose00000.exeC:\Users\Dave\AppData\Local\Temp\SearchWithGoogleUpdate.exeC:\Users\Dave\AppData\Local\Temp\SecurityScan_Release.exeC:\Users\Dave\AppData\Local\Temp\SkypeSetup.exeC:\Users\Dave\AppData\Local\Temp\SpOrder.dllC:\Users\Dave\AppData\Local\Temp\SportFeed[0].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[10].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[11].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[12].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[13].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[14].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[15].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[16].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[17].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[18].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[19].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[1].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[20].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[21].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[22].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[2].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[3].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[4].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[5].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[6].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[7].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[8].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[9].dllC:\Users\Dave\AppData\Local\Temp\SpotifyUpgrader.exeC:\Users\Dave\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dllC:\Users\Dave\AppData\Local\Temp\Uninstall.exeC:\Users\Dave\AppData\Local\Temp\updater_uninstall.exeC:\Users\Dave\AppData\Local\Temp\VP6Install.exeC:\Users\Dave\AppData\Local\Temp\VP6VFW.dllC:\Users\Dave\AppData\Local\Temp\wmpfirefoxplugin.exeC:\Users\Dave\AppData\Local\Temp\xpbekr2c.3xh.exeC:\Users\Dave\AppData\Local\Temp\xrhjuakk.k0d.exeC:\Users\Dave\AppData\Local\Temp\_is1576.exeC:\Users\Dave\AppData\Local\Temp\_is54F5.exeC:\Users\Dave\AppData\Local\Temp\_is
CE66.exeC:\Users\Dave\AppData\Local\Temp\_isEE45.exeC:\Users\Dave\AppData\Local\Temp\{1B63298F-8C41-4FAE-83F3-0C9333749BB1}.exeC:\Users\Dave\AppData\Local\Temp\{5ACB1A80-98C6-4837-9887-E00165C183A5}.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legitC:\Windows\system32\winlogon.exe => MD5 is legitC:\Windows\system32\wininit.exe => MD5 is legitC:\Windows\system32\svchost.exe => MD5 is legitC:\Windows\system32\services.exe => MD5 is legitC:\Windows\system32\User32.dll => MD5 is legitC:\Windows\system32\userinit.exe => MD5 is legitC:\Windows\system32\rpcss.dll => MD5 is legitC:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-06-04 13:34 ==================== End Of Log ============================